[Secure-testing-commits] r9007 - in data: CVE NMU
white at alioth.debian.org
white at alioth.debian.org
Sat Jun 7 04:40:24 UTC 2008
Author: white
Date: 2008-06-07 04:40:23 +0000 (Sat, 07 Jun 2008)
New Revision: 9007
Modified:
data/CVE/list
data/NMU/list
Log:
Fix three issues in evolution via NMU
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-06-06 18:44:18 UTC (rev 9006)
+++ data/CVE/list 2008-06-07 04:40:23 UTC (rev 9007)
@@ -1,3 +1,5 @@
+CVE-2008-XXXX [missing sanity checks allow DoS via mis-formated timestamp]
+ - evolution 2.22.2-1.1 (low; bug #484639)
CVE-2008-2559 (Integer overflow in Borland Interbase 2007 SP2 (8.1.0.256) allows ...)
NOT-FOR-US: Borland Interbase
CVE-2008-2558 (CRE Loaded 6.2.13.1 and earlier does not set the "Secure" attribute ...)
@@ -3302,11 +3304,11 @@
[etch] - xine-lib <not-affected> (Not affected per assessment of maintainer)
[sarge] - xine-lib <not-affected> (Not affected per assessment of maintainer)
CVE-2008-1109 (Heap-based buffer overflow in Evolution 2.22.1 allows user-assisted ...)
- - evolution <unfixed> (low; bug #484639)
+ - evolution 2.22.2-1.1 (low; bug #484639)
NOTE: Requires that the user accepts the iCalendar request and replies
NOTE: to it from the "Calendars" window.
CVE-2008-1108 (Buffer overflow in Evolution 2.22.1, when the ITip Formatter plugin is ...)
- - evolution <unfixed> (low; bug #484639)
+ - evolution 2.22.2-1.1 (low; bug #484639)
NOTE: Requires that the ITip Formatter plugin is disabled, which is enabled by default.
CVE-2008-1107
RESERVED
Modified: data/NMU/list
===================================================================
--- data/NMU/list 2008-06-06 18:44:18 UTC (rev 9006)
+++ data/NMU/list 2008-06-07 04:40:23 UTC (rev 9007)
@@ -104,3 +104,4 @@
2008-05-28 openssl 0.9.8g-10.1
2008-05-31 imlib2 1.4.0-1.1
2008-06-01 pan 0.132-3.1
+2008-06-07 evolution 2.22.2-1.1
More information about the Secure-testing-commits
mailing list