[Secure-testing-commits] r8954 - data/CVE
nion at alioth.debian.org
nion at alioth.debian.org
Sun Jun 1 10:14:24 UTC 2008
Author: nion
Date: 2008-06-01 10:14:23 +0000 (Sun, 01 Jun 2008)
New Revision: 8954
Modified:
data/CVE/list
Log:
CVE-2007-597{1,2}, CVE-2007-590{1,2}, CVE-2007-5894 fixed in krb5 1.6.dfsg.4~beta1-1
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-06-01 09:14:10 UTC (rev 8953)
+++ data/CVE/list 2008-06-01 10:14:23 UTC (rev 8954)
@@ -7453,11 +7453,11 @@
CVE-2007-5973 (SQL injection vulnerability in articles.php in JPortal 2.3.1 and ...)
NOT-FOR-US: JPortal
CVE-2007-5972 (Double free vulnerability in the krb5_def_store_mkey function in ...)
- - krb5 <unfixed> (unimportant; bug #454974)
+ - krb5 1.6.dfsg.4~beta1-1 (unimportant; bug #454974)
NOTE: potential attackers must have privileges to store the krb5kdc master key
NOTE: http://mailman.mit.edu/pipermail/kerberos/2007-December/012717.html
CVE-2007-5971 (Double free vulnerability in the gss_krb5int_make_seal_token_v3 ...)
- - krb5 <unfixed> (unimportant; bug #454974)
+ - krb5 1.6.dfsg.4~beta1-1 (unimportant; bug #454974)
NOTE: Not exploitable in real-world circumstances:
NOTE: http://mailman.mit.edu/pipermail/kerberos/2007-December/012717.html
CVE-2007-5970 (MySQL 5.1.x before 5.1.23 and 6.0.x before 6.0.4 allows remote ...)
@@ -7678,11 +7678,11 @@
CVE-2007-5903
RESERVED
CVE-2007-5902 (Integer overflow in the svcauth_gss_get_principal function in ...)
- - krb5 <unfixed> (unimportant; bug #454974)
+ - krb5 1.6.dfsg.4~beta1-1 (unimportant; bug #454974)
NOTE: Not exploitable in real-world circumstances:
NOTE: http://mailman.mit.edu/pipermail/kerberos/2007-December/012717.html
CVE-2007-5901 (Use-after-free vulnerability in the gss_indicate_mechs function in ...)
- - krb5 <unfixed> (unimportant; bug #454974)
+ - krb5 1.6.dfsg.4~beta1-1 (unimportant; bug #454974)
NOTE: Not exploitable in real-world circumstances:
NOTE: http://mailman.mit.edu/pipermail/kerberos/2007-December/012717.html
CVE-2007-5900 (PHP before 5.2.5 allows local users to bypass protection mechanisms ...)
@@ -7707,7 +7707,7 @@
CVE-2007-5895
RESERVED
CVE-2007-5894 (** DISPUTED ** ...)
- - krb5 <unfixed> (unimportant; bug #454974)
+ - krb5 1.6.dfsg.4~beta1-1 (unimportant; bug #454974)
NOTE: Not exploitable in real-world circumstances:
NOTE: http://mailman.mit.edu/pipermail/kerberos/2007-December/012717.html
CVE-2006-7224
More information about the Secure-testing-commits
mailing list