[Secure-testing-commits] r9109 - data/CVE

nion at alioth.debian.org nion at alioth.debian.org
Thu Jun 19 15:42:10 UTC 2008 

Author: nion
Date: 2008-06-19 15:42:08 +0000 (Thu, 19 Jun 2008)
New Revision: 9109

Modified:
   data/CVE/list
Log:
add no-dsa items for vmware as contrib is not supported by the stable security team

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-06-19 15:05:51 UTC (rev 9108)
+++ data/CVE/list	2008-06-19 15:42:08 UTC (rev 9109)
@@ -1288,12 +1288,15 @@
 	RESERVED
 CVE-2008-2100 (Multiple buffer overflows in VIX API 1.1.x before 1.1.4 build 93057 on ...)
 	- vmware-package <unfixed> (low; bug #485919)
+	[etch] - vmware-package <no-dsa> (Contrib not supported)
 	NOTE: vmware-package just builds vmware from downloaded tarballs, the package itself
 	NOTE: does not download them, however it needs to update its hashes for upstream tarballs
 CVE-2008-2099 (Unspecified vulnerability in VMCI in VMware Workstation 6 before 6.0.4 ...)
 	- vmware-package <not-affected> (Windows issue according to CVE)
+	[etch] - vmware-package <no-dsa> (Contrib not supported)
 CVE-2008-2098 (Heap-based buffer overflow in the VMware Host Guest File System (HGFS) ...)
 	- vmware-package <unfixed> (low; bug #484491)
+	[etch] - vmware-package <no-dsa> (Contrib not supported)
 	NOTE: vmware-package just builds vmware from downloaded tarballs, the package itself
 	NOTE: does not download them, however it needs to update its hashes for upstream tarballs
 CVE-2008-2097 (Buffer overflow in the openwsman management service in VMware ESXi 3.5 ...)
@@ -2898,6 +2901,7 @@
 	- plone3 <unfixed> (low; bug #473571)
 CVE-2008-1392 (The default configuration of VMware Workstation 6.0.2, VMware Player ...)
 	- vmware-package <unfixed> (low; bug #486177)
+	[etch] - vmware-package <no-dsa> (Contrib not supported)
 	NOTE: vmware-package just builds vmware from downloaded tarballs, the package itself
 	NOTE: does not download them, however it needs to update its hashes for upstream tarballs
 CVE-2007-6711 (Unspecified vulnerability in customer.php in FreeWebshop.org 2.2.5, ...)
@@ -3001,6 +3005,7 @@
 	NOT-FOR-US: Trend Micro OfficeScan Corporate Edition
 CVE-2008-1364 (Unspecified vulnerability in the DHCP service in VMware Workstation ...)
 	- vmware-package <unfixed> (low; bug #486177)
+	[etch] - vmware-package <no-dsa> (Contrib not supported)
 	NOTE: vmware-package just builds vmware from downloaded tarballs, the package itself
 	NOTE: does not download them, however it needs to update its hashes for upstream tarballs
 CVE-2008-1363 (VMware Workstation 6.0.x before 6.0.3 and 5.5.x before 5.5.6, VMware ...)
@@ -3050,6 +3055,7 @@
 	NOT-FOR-US: LaGarde StoreFront
 CVE-2008-1340 (Virtual Machine Communication Interface (VMCI) in VMware Workstation ...)
 	- vmware-package <unfixed> (low; bug #486177)
+	[etch] - vmware-package <no-dsa> (Contrib not supported)
 	NOTE: vmware-package just builds vmware from downloaded tarballs, the package itself
 	NOTE: does not download them, however it needs to update its hashes for upstream tarballs
 CVE-2008-1339
@@ -3968,6 +3974,7 @@
 	RESERVED
 CVE-2008-0967 (Untrusted search path vulnerability in vmware-authd in VMware ...)
 	- vmware-package <unfixed> (low; bug #486110)
+	[etch] - vmware-package <no-dsa> (Contrib not supported)
 	NOTE: vmware-package just builds vmware from downloaded tarballs, the package itself
 	NOTE: does not download them, however it needs to update its hashes for upstream tarballs
 CVE-2008-0966
@@ -9277,12 +9284,15 @@
 	NOT-FOR-US: ZZ:FlashChat
 CVE-2007-5619 (Unspecified vulnerability in VMware Server before 1.0.4 causes user ...)
 	- vmware-package <unfixed> (low; bug #486177)
+	[etch] - vmware-package <no-dsa> (Contrib not supported)
 	NOTE: vmware-package just builds vmware from downloaded tarballs, the package itself
 	NOTE: does not download them, however it needs to update its hashes for upstream tarballs
 CVE-2007-5618 (Unquoted Windows search path in the Authorization and other services ...)
 	- vmware-package <not-affected> (Only vulnerable on windows hosted systems)
+	[etch] - vmware-package <no-dsa> (Contrib not supported)
 CVE-2007-5617 (Unspecified vulnerability in VMware Player 1.0.x before 1.0.5 and 2.0 ...)
 	- vmware-package <unfixed> (low; bug #486177)
+	[etch] - vmware-package <no-dsa> (Contrib not supported)
 	NOTE: vmware-package just builds vmware from downloaded tarballs, the package itself
 	NOTE: does not download them, however it needs to update its hashes for upstream tarballs
 CVE-2007-5616 (ssh-signer in SSH Tectia Client and Server 5.x before 5.2.4, and 5.3.x ...)

More information about the Secure-testing-commits mailing list