[Secure-testing-commits] r9041 - in data: . CVE

jmm-guest at alioth.debian.org jmm-guest at alioth.debian.org
Wed Jun 11 21:03:22 UTC 2008 

Author: jmm-guest
Date: 2008-06-11 21:03:21 +0000 (Wed, 11 Jun 2008)
New Revision: 9041

Modified:
   data/CVE/list
   data/spu-candidates.txt
Log:
more no-dsa


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-06-11 21:02:21 UTC (rev 9040)
+++ data/CVE/list	2008-06-11 21:03:21 UTC (rev 9041)
@@ -325,6 +325,7 @@
 	NOT-FOR-US: FireFTP
 CVE-2008-2575 [command execution flaw via malicious file names]
 	- cbrpager 0.9.17-1 (low; bug #482853)
+	[etch] - cbrpager <no-dsa> (Minor issue)
 CVE-2008-XXXX [resizing the monitor with xrandr can crash xscreensaver]
 	- xscreensaver <unfixed> (unimportant; bug #482385)
 CVE-2008-2516 (pam_sm_authenticate in pam_pgsql.c in libpam-pgsql 0.6.3 does not ...)
@@ -828,6 +829,7 @@
 	- mantis 1.0.8-4.1 (bug #481504)
 CVE-2008-2266 (uulib/uunconc.c in UUDeview 0.5.20, as used in nzbget before 0.3.0 and ...)
 	- uudeview 0.5.20-3.1 (low; bug #480972)
+	[etch] - uudeview <no-dsa> (Minor issue)
 	- libconvert-uulib-perl <not-affected> (Code patched by libconver-uulib upstream to use mkstemp)
 	- pan <not-affected> (Code patched to use g_mkstemp)
 	NOTE: See CVE-2004-2265, where the problem occured as well
@@ -1102,6 +1104,7 @@
 	NOT-FOR-US: cPanel
 CVE-2008-2085 (Multiple stack-based buffer overflows in the (1) get_remote_ip_media ...)
 	- sip-tester 2.0.1-1.2 (low; bug #479039)
+	[etch] - sip-tester <no-dsa> (Minor issue)
 CVE-2008-2051 (The escapeshellcmd API function in PHP before 5.2.6 has unknown impact ...)
 	{DSA-1578-1 DSA-1572-1 DTSA-135-1}
 	- php5 5.2.6-1
@@ -1285,6 +1288,7 @@
 	NOT-FOR-US: ContRay
 CVE-2008-1959 (Stack-based buffer overflow in the get_remote_video_port_media ...)
 	- sip-tester 2.0.1-1.2 (low; bug #479039)
+	[etch] - sip-tester <no-dsa> (Minor issue)
 CVE-2008-1958 (Unrestricted file upload vulnerability in the ajout_cat mode in ...)
 	NOT-FOR-US: Tr Script News
 CVE-2008-1957 (SQL injection vulnerability in news.php in Tr Script News 2.1 allows ...)

Modified: data/spu-candidates.txt
===================================================================
--- data/spu-candidates.txt	2008-06-11 21:02:21 UTC (rev 9040)
+++ data/spu-candidates.txt	2008-06-11 21:03:21 UTC (rev 9041)
@@ -39,6 +39,11 @@
 
 --
 
+cbrpager CVE-2008-XXXX [command execution flaw via malicious file names]
+#482853
+
+--
+
 cecilia (CVE-2008-1832)
 #476321
 notified maintainer
@@ -152,11 +157,15 @@
 --
 
 rsync (CVE-2007-6200)
-#453652)
+#453652
 notified maintainer
 
 --
+sip-tester (CVE-2008-1959, CVE-2008-2085)
+#479039
 
+--
+
 slocate (CVE-2007-0227)
 #411937
 notified maintainer

More information about the Secure-testing-commits mailing list