[Secure-testing-commits] r9121 - data/CVE

[nion at alioth.debian.org]

Author: nion
Date: 2008-06-22 13:44:34 +0000 (Sun, 22 Jun 2008)
New Revision: 9121

Modified:
   data/CVE/list
Log:
CVE-2008-266{2,3}, CVE-2008-272[5-8], CVE-2008-2664 fixed in ruby1.9 1.9.0.2-1 and ruby1.8 1.8.7.22-1


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-06-22 13:04:34 UTC (rev 9120)
+++ data/CVE/list	2008-06-22 13:44:34 UTC (rev 9121)
@@ -124,14 +124,22 @@
 	RESERVED
 CVE-2008-2729
 	RESERVED
-CVE-2008-2728
+CVE-2008-2728 [Integer overflow in rb_ary_replace()]
 	RESERVED
-CVE-2008-2727
+	- ruby1.9 1.9.0.2-1
+	- ruby1.8 1.8.7.22-1
+CVE-2008-2727 [integer overflow in rb_ary_replace()]
 	RESERVED
-CVE-2008-2726
+	- ruby1.9 1.9.0.2-1
+	- ruby1.8 1.8.7.22-1
+CVE-2008-2726 [integer overflow in rb_ary_splice()]
 	RESERVED
-CVE-2008-2725
+	- ruby1.9 1.9.0.2-1
+	- ruby1.8 1.8.7.22-1
+CVE-2008-2725 [integer overflow in rb_ary_splice()]
 	RESERVED
+	- ruby1.9 1.9.0.2-1
+	- ruby1.8 1.8.7.22-1
 CVE-2008-2718 (Cross-site scripting (XSS) vulnerability in fe_adminlib.inc in TYPO3 ...)
 	TODO: check
 CVE-2008-2716 (Unspecified vulnerability in Opera before 9.5 allows remote attackers ...)
@@ -273,12 +281,18 @@
 	RESERVED
 	- php5 <unfixed> (unimportant)
 	NOTE: safe mode not supported
-CVE-2008-2664
+CVE-2008-2664 [unsafe use of alloca in rb_str_format()]
 	RESERVED
-CVE-2008-2663
+	- ruby1.9 1.9.0.2-1
+	- ruby1.8 1.8.7.22-1
+CVE-2008-2663 [integer overflows in rb_ary_store()]
 	RESERVED
-CVE-2008-2662
+	- ruby1.9 1.9.0.2-1
+	- ruby1.8 1.8.7.22-1
+CVE-2008-2662 [Integer overflows in rb_str_buf_append()]
 	RESERVED
+	- ruby1.9 1.9.0.2-1
+	- ruby1.8 1.8.7.22-1
 CVE-2008-2661
 	RESERVED
 CVE-2008-2660