[Secure-testing-commits] r9052 - data/CVE
nion at alioth.debian.org
nion at alioth.debian.org
Thu Jun 12 13:12:14 UTC 2008
Author: nion
Date: 2008-06-12 13:12:08 +0000 (Thu, 12 Jun 2008)
New Revision: 9052
Modified:
data/CVE/list
Log:
NFUs
CVE-2008-2358 fixed in linux-2.6 2.6.25-4
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-06-12 11:00:44 UTC (rev 9051)
+++ data/CVE/list 2008-06-12 13:12:08 UTC (rev 9052)
@@ -218,35 +218,35 @@
CVE-2008-2576
RESERVED
CVE-2008-2574 (Unrestricted file upload vulnerability in admin/Editor/imgupload.php ...)
- TODO: check
+ NOT-FOR-US: FlashBlog
CVE-2008-2573 (Stack-based buffer overflow in SFTP in freeSSHd 1.2.1 allows remote ...)
- TODO: check
+ NOT-FOR-US: freeSSHd
CVE-2008-2572 (SQL injection vulnerability in php/leer_comentarios.php in FlashBlog ...)
- TODO: check
+ NOT-FOR-US: FlashBlog
CVE-2008-2571 (Cross-site request forgery (CSRF) vulnerability in LimeSurvey ...)
- TODO: check
+ NOT-FOR-US: LimeSurvey
CVE-2008-2570 (Multiple unspecified vulnerabilities in LimeSurvey (formerly ...)
- TODO: check
+ NOT-FOR-US: LimeSurvey
CVE-2008-2569 (SQL injection vulnerability in the EasyBook (com_easybook) component ...)
- TODO: check
+ NOT-FOR-US: com_easybook component for Joomla!
CVE-2008-2568 (SQL injection vulnerability in the Simple Shop Galore (com_simpleshop) ...)
- TODO: check
+ NOT-FOR-US: com_simpleshop component for Joomla!
CVE-2008-2567 (Cross-site scripting (XSS) vulnerability in Fenriru Sleipnir 2.7.1 ...)
- TODO: check
+ NOT-FOR-US: Fenriru Sleipnir
CVE-2008-2566 (Multiple cross-site scripting (XSS) vulnerabilities in PHP Address ...)
- TODO: check
+ NOT-FOR-US: PHP Address Book
CVE-2008-2565 (Multiple SQL injection vulnerabilities in PHP Address Book 3.1.5 and ...)
- TODO: check
+ NOT-FOR-US: PHP Address Book
CVE-2008-2564 (SQL injection vulnerability in the JotLoader (com_jotloader) component ...)
- TODO: check
+ NOT-FOR-US: com_jotloader component for Joomla!
CVE-2008-2563 (Multiple cross-site scripting (XSS) vulnerabilities in (1) ...)
- TODO: check
+ NOT-FOR-US: SamTodo
CVE-2008-2562 (SQL injection vulnerability in edCss.php in PowerPhlogger 2.2.5 and ...)
- TODO: check
+ NOT-FOR-US: PowerPhlogger
CVE-2008-2561 (Multiple cross-site scripting (XSS) vulnerabilities in 427BB 2.3.1 ...)
- TODO: check
+ NOT-FOR-US: 427BB
CVE-2008-2560 (SQL injection vulnerability in showpost.php in 427BB 2.3.1 allows ...)
- TODO: check
+ NOT-FOR-US: 427BB
CVE-2008-2654 [off-by-one in webhttpd.c]
RESERVED
- motion 3.2.9-3 (low; bug #484572)
@@ -286,7 +286,7 @@
CVE-2008-2546
REJECTED
CVE-2008-2545 (Skype 3.6.0.248, and other versions before 3.8.0.139, uses a ...)
- TODO: check
+ NOT-FOR-US: Skype
CVE-2008-2544
RESERVED
CVE-2008-2543 (The ooh323 channel driver in Asterisk Addons 1.2.x before 1.2.9 and ...)
@@ -608,9 +608,9 @@
CVE-2008-2390 (Hpufunction.dll 4.0.0.1 in HP Software Update exposes the unsafe (1) ...)
NOT-FOR-US: HP Software Update
CVE-2008-2389 (opensuse-updater in openSUSE 10.2 allows local users to access ...)
- TODO: check
+ NOT-FOR-US: opensuse-updater
CVE-2008-2388 (Multiple off-by-one errors in opensuse-updater in openSUSE 10.2 have ...)
- TODO: check
+ NOT-FOR-US: opensuse-updater
CVE-2008-2387
RESERVED
CVE-2008-2386
@@ -681,7 +681,8 @@
NOT-FOR-US: system-config-network Fedora
CVE-2008-2358 (The Datagram Congestion Control Protocol (DCCP) subsystem in the Linux ...)
{DSA-1592-1}
- TODO: check
+ - linux-2.6 2.6.25-4
+ NOTE: this version casts sizeof to int. This is a module, not a compiled in feature in Debian
CVE-2008-2357 (Stack-based buffer overflow in the split_redraw function in split.c in ...)
{DSA-1587-1}
- mtr 0.73-1
More information about the Secure-testing-commits
mailing list