[Secure-testing-commits] r9195 - data/CVE
jmm-guest at alioth.debian.org
jmm-guest at alioth.debian.org
Mon Jun 30 16:08:46 UTC 2008
Author: jmm-guest
Date: 2008-06-30 16:08:45 +0000 (Mon, 30 Jun 2008)
New Revision: 9195
Modified:
data/CVE/list
Log:
mercurial issue doesn't affect etch
wordnet audit in preparation
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-06-30 14:58:01 UTC (rev 9194)
+++ data/CVE/list 2008-06-30 16:08:45 UTC (rev 9195)
@@ -5,6 +5,7 @@
NOTE: http://crisp.cs.du.edu/?q=ca2007-1
CVE-2008-XXXX [missing input validation]
- mercurial <unfixed> (low; bug #488628)
+ [etch] - mercurial <not-affected> (Vulnerable functionality not present)
NOTE: CVE id requested
CVE-2008-XXXX [Two remote DoS]
- linuxdcpp <unfixed> (low; bug #488630)
@@ -1496,8 +1497,6 @@
CVE-2008-2149 (Stack-based buffer overflow in the searchwn function in Wordnet 2.0, ...)
- wordnet 1:3.0-10 (bug #481186)
NOTE: wordnet can be used as a backend to web applications
- NOTE: wordnet will get a full audit by the debian audit team
- TODO: version 1:3.0-10 got uploaded to unstable, however it needs to be verified that the same problem does not exist in the rest of the code
CVE-2008-2148 (The utimensat system call (sys_utimensat) in Linux kernel 2.6.22 and ...)
- linux-2.6 2.6.25-3 (bug #481195)
[etch] - linux-2.6 <not-affected> (vulnerable code not present)
More information about the Secure-testing-commits
mailing list