[Secure-testing-commits] r8304 - data/CVE

joeyh at alioth.debian.org joeyh at alioth.debian.org
Mon Mar 10 21:14:11 UTC 2008


Author: joeyh
Date: 2008-03-10 21:14:10 +0000 (Mon, 10 Mar 2008)
New Revision: 8304

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-03-10 21:05:17 UTC (rev 8303)
+++ data/CVE/list	2008-03-10 21:14:10 UTC (rev 8304)
@@ -1,3 +1,295 @@
+CVE-2008-1269 (cp06_wifi_m_nocifr.cgi in the admin panel on the Alice Gate 2 Plus ...)
+	TODO: check
+CVE-2008-1268 (The FTP server on the Linksys WRT54G 7 router with 7.00.1 firmware ...)
+	TODO: check
+CVE-2008-1267 (The Siemens SpeedStream 6520 router allows remote attackers to cause a ...)
+	TODO: check
+CVE-2008-1266 (Multiple buffer overflows in the web interface on the D-Link DI-524 ...)
+	TODO: check
+CVE-2008-1265 (The Linksys WRT54G router allows remote attackers to cause a denial of ...)
+	TODO: check
+CVE-2008-1264 (The Linksys WRT54G router has "admin" as its default FTP password, ...)
+	TODO: check
+CVE-2008-1263 (The Linksys WRT54G router stores passwords and keys in cleartext in ...)
+	TODO: check
+CVE-2008-1262 (The administration panel on the Airspan WiMax ProST 4.1 antenna with ...)
+	TODO: check
+CVE-2008-1261 (The Zyxel P-2602HW-D1A router with 3.40(AJZ.1) firmware provides ...)
+	TODO: check
+CVE-2008-1260 (Multiple cross-site request forgery (CSRF) vulnerabilities on the ...)
+	TODO: check
+CVE-2008-1259 (The Zyxel P-2602HW-D1A router with 3.40(AJZ.1) firmware maintains ...)
+	TODO: check
+CVE-2008-1258 (Cross-site scripting (XSS) vulnerability in prim.htm on the D-Link ...)
+	TODO: check
+CVE-2008-1257 (Cross-site scripting (XSS) vulnerability in Forms/DiagGeneral_2 on the ...)
+	TODO: check
+CVE-2008-1256 (The ZyXEL P-660HW series router has "admin" as its default password, ...)
+	TODO: check
+CVE-2008-1255 (The ZyXEL P-660HW series router maintains authentication state by IP ...)
+	TODO: check
+CVE-2008-1254 (Multiple cross-site request forgery (CSRF) vulnerabilities on the ...)
+	TODO: check
+CVE-2008-1253 (Cross-site scripting (XSS) vulnerability in cgi-bin/webcm on the ...)
+	TODO: check
+CVE-2008-1252 (b_banner.stm (aka the login page) on the Deutsche Telekom Speedport ...)
+	TODO: check
+CVE-2008-1251 (Cross-site scripting (XSS) vulnerability in the web interface on the ...)
+	TODO: check
+CVE-2008-1250 (Multiple cross-site request forgery (CSRF) vulnerabilities in the web ...)
+	TODO: check
+CVE-2008-1249 (snomControl.swf in the central phone server for the Snom 320 SIP Phone ...)
+	TODO: check
+CVE-2008-1248 (The web interface on the central phone server for the Snom 320 SIP ...)
+	TODO: check
+CVE-2008-1247 (The web interface on the Linksys WRT54g router with firmware 1.00.9 ...)
+	TODO: check
+CVE-2008-1246 (The Cisco PIX/ASA Finesse Operation System 7.1 and 7.2 allows local ...)
+	TODO: check
+CVE-2008-1245 (cgi-bin/setup_virtualserver.exe on the Belkin F5D7230-4 router with ...)
+	TODO: check
+CVE-2008-1244 (cgi-bin/setup_dns.exe on the Belkin F5D7230-4 router with firmware ...)
+	TODO: check
+CVE-2008-1243 (Cross-site scripting (XSS) vulnerability on the Linksys WRT300N router ...)
+	TODO: check
+CVE-2008-1242 (The control panel on the Belkin F5D7230-4 router with firmware 9.01.10 ...)
+	TODO: check
+CVE-2008-1241
+	RESERVED
+CVE-2008-1240
+	RESERVED
+CVE-2008-1239
+	RESERVED
+CVE-2008-1238
+	RESERVED
+CVE-2008-1237
+	RESERVED
+CVE-2008-1236
+	RESERVED
+CVE-2008-1235
+	RESERVED
+CVE-2008-1234
+	RESERVED
+CVE-2008-1233
+	RESERVED
+CVE-2008-1232
+	RESERVED
+CVE-2008-1231 (Directory traversal vulnerability in Edit.jsp in JSPWiki 2.4.104 and ...)
+	TODO: check
+CVE-2008-1230 (Unrestricted file upload vulnerability in JSPWiki 2.4.104 and 2.5.139 ...)
+	TODO: check
+CVE-2008-1229 (Cross-site scripting (XSS) vulnerability in Edit.jsp in JSPWiki ...)
+	TODO: check
+CVE-2008-1228 (Cross-site scripting (XSS) vulnerability in admin.php in MG2 (formerly ...)
+	TODO: check
+CVE-2008-1227 (Stack-based buffer overflow in the silc_fingerprint function in ...)
+	TODO: check
+CVE-2008-1226 (Multiple cross-site scripting (XSS) vulnerabilities in Zimbra ...)
+	TODO: check
+CVE-2008-1225 (Multiple cross-site scripting (XSS) vulnerabilities in WebCT Campus ...)
+	TODO: check
+CVE-2008-1224 (Cross-site scripting (XSS) vulnerability in account.php in ...)
+	TODO: check
+CVE-2008-1223 (Unspecified vulnerability in Dokeos 1.8.4 before SP3 allows attackers ...)
+	TODO: check
+CVE-2008-1222 (Cross-site scripting (XSS) vulnerability in Dokeos 1.8.4 before SP3 ...)
+	TODO: check
+CVE-2008-1221 (Absolute path traversal vulnerability in the FTP server in MicroWorld ...)
+	TODO: check
+CVE-2008-1220 (SQL injection vulnerability in the 4nChat 0.91 module for PHP-Nuke ...)
+	TODO: check
+CVE-2008-1219 (SQL injection vulnerability in the Kutub-i Sitte (KutubiSitte) 1.1 ...)
+	TODO: check
+CVE-2008-1218
+	RESERVED
+CVE-2008-1217 (Unspecified vulnerability in nlnotes.dll in the client in IBM Lotus ...)
+	TODO: check
+CVE-2008-1216 (IBM Lotus Quickr 8.0 server, and possibly QuickPlace 7.x, does not ...)
+	TODO: check
+CVE-2008-1215 (Stack-based buffer overflow in the command_Expand_Interpret function ...)
+	TODO: check
+CVE-2008-1214 (MRcgi/MRProcessIncomingForms.pl in Numara FootPrints 8.1 on Linux ...)
+	TODO: check
+CVE-2008-1213 (Cross-site scripting (XSS) vulnerability in Numara FootPrints for ...)
+	TODO: check
+CVE-2008-1212 (Cross-site scripting (XSS) vulnerability in set_permissions.php in ...)
+	TODO: check
+CVE-2008-1211 (Cross-site scripting (XSS) vulnerability in BosDates 3.x and 4.x ...)
+	TODO: check
+CVE-2008-1210 (Stack-based buffer overflow in the ctags parsing code in Programmer's ...)
+	TODO: check
+CVE-2008-1209 (Cross-site scripting (XSS) vulnerability in redirect.do in Xitex ...)
+	TODO: check
+CVE-2008-1208 (Cross-site scripting (XSS) vulnerability in the login page in Check ...)
+	TODO: check
+CVE-2008-1207 (Multiple unspecified vulnerabilities in Fujitsu Interstage Smart ...)
+	TODO: check
+CVE-2008-1206 (Format string vulnerability in the log_message function in lks.c in ...)
+	TODO: check
+CVE-2008-1205 (Unspecified vulnerability in the ipsecah kernel module in Sun Solaris ...)
+	TODO: check
+CVE-2008-1204 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+	TODO: check
+CVE-2008-1203
+	RESERVED
+CVE-2008-1202
+	RESERVED
+CVE-2008-1201
+	RESERVED
+CVE-2008-1200 (Unspecified vulnerability in Microsoft Access allows remote ...)
+	TODO: check
+CVE-2008-1198 (The default IPSec ifup script in Red Hat Enterprise Linux 3 through 5 ...)
+	TODO: check
+CVE-2008-1197
+	RESERVED
+CVE-2008-1196 (Stack-based buffer overflow in Java Web Start (javaws.exe) in Sun JDK ...)
+	TODO: check
+CVE-2008-1195 (Unspecified vulnerability in Sun JDK and Java Runtime Environment ...)
+	TODO: check
+CVE-2008-1194 (Multiple unspecified vulnerabilities in the color management library ...)
+	TODO: check
+CVE-2008-1193 (Unspecified vulnerability in Java Runtime Environment Image Parsing ...)
+	TODO: check
+CVE-2008-1192 (Unspecified vulnerability in the Java Plug-in for Sun JDK and JRE 6 ...)
+	TODO: check
+CVE-2008-1191 (Unspecified vulnerability in Java Web Start in Sun JDK and JRE 6 ...)
+	TODO: check
+CVE-2008-1190 (Unspecified vulnerability in Java Web Start in Sun JDK and JRE 6 ...)
+	TODO: check
+CVE-2008-1189 (Buffer overflow in Java Web Start in Sun JDK and JRE 6 Update 4 and ...)
+	TODO: check
+CVE-2008-1188 (Multiple buffer overflows in Java Web Start in Sun JDK and JRE 6 ...)
+	TODO: check
+CVE-2008-1187 (Unspecified vulnerability in Sun Java Runtime Environment (JRE) and ...)
+	TODO: check
+CVE-2008-1186 (Unspecified vulnerability in the Virtual Machine for Sun Java Runtime ...)
+	TODO: check
+CVE-2008-1185 (Unspecified vulnerability in the Virtual Machine for Sun Java Runtime ...)
+	TODO: check
+CVE-2008-1184 (The DNSSEC validation library (libval) library in dnssec-tools before ...)
+	TODO: check
+CVE-2008-1183 (Multiple cross-site scripting (XSS) vulnerabilities in Crafty Syntax ...)
+	TODO: check
+CVE-2008-1182 (Cross-site scripting (XSS) vulnerability in BSD Perimeter pfSense ...)
+	TODO: check
+CVE-2008-1181 (Juniper Networks Secure Access 2000 5.5 R1 (build 11711) allows remote ...)
+	TODO: check
+CVE-2008-1180 (Cross-site scripting (XSS) vulnerability in ...)
+	TODO: check
+CVE-2008-1179 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+	TODO: check
+CVE-2008-1178 (Directory traversal vulnerability in include/doc/index.php in Centreon ...)
+	TODO: check
+CVE-2008-1177 (SQL injection vulnerability in shop/detail.php in Affiliate Market ...)
+	TODO: check
+CVE-2008-1176 (Cross-site scripting (XSS) vulnerability in function/sideblock.php in ...)
+	TODO: check
+CVE-2008-1175 (Cross-site scripting (XSS) vulnerability in AuthentiX 6.3b1 Trial ...)
+	TODO: check
+CVE-2008-1174 (Cross-site scripting (XSS) vulnerability in editUser.asp in AuthentiX ...)
+	TODO: check
+CVE-2008-1173 (Cross-site scripting (XSS) vulnerability in account-inbox.php in ...)
+	TODO: check
+CVE-2008-1172 (Cross-site request forgery (CSRF) vulnerabilities in account-inbox.php ...)
+	TODO: check
+CVE-2008-1171 (** DISPUTED ** ...)
+	TODO: check
+CVE-2008-1170 (Multiple PHP remote file inclusion vulnerabilities in KCWiki 1.0 allow ...)
+	TODO: check
+CVE-2008-1169 (Directory traversal vulnerability in the embedded HTTP server in SCI ...)
+	TODO: check
+CVE-2008-1168 (Cross-site scripting (XSS) vulnerability in Squid Analysis Report ...)
+	TODO: check
+CVE-2008-1167 (Stack-based buffer overflow in the useragent function in useragent.c ...)
+	TODO: check
+CVE-2008-1166 (Flyspray 0.9.9.4 generates different error messages depending on ...)
+	TODO: check
+CVE-2008-1165 (Multiple cross-site scripting (XSS) vulnerabilities in Flyspray 0.9.9 ...)
+	TODO: check
+CVE-2008-1164 (SQL injection vulnerability in index.php in phpComasy 0.8 allows ...)
+	TODO: check
+CVE-2008-1163 (SQL injection vulnerability in index.php in phpArcadeScript 1.0 ...)
+	TODO: check
+CVE-2008-1162 (SQL injection vulnerability in album.php in PHP WEB SCRIPT Dynamic ...)
+	TODO: check
+CVE-2008-1161
+	RESERVED
+CVE-2008-1160
+	RESERVED
+CVE-2008-1159
+	RESERVED
+CVE-2008-1158
+	RESERVED
+CVE-2008-1157
+	RESERVED
+CVE-2008-1156
+	RESERVED
+CVE-2008-1155
+	RESERVED
+CVE-2008-1154
+	RESERVED
+CVE-2008-1153
+	RESERVED
+CVE-2008-1152
+	RESERVED
+CVE-2008-1151
+	RESERVED
+CVE-2008-1150
+	RESERVED
+CVE-2008-1149 (phpMyAdmin before 2.11.5 accesses $_REQUEST to obtain some parameters ...)
+	TODO: check
+CVE-2008-1148 (A certain pseudo-random number generator (PRNG) algorithm that uses ...)
+	TODO: check
+CVE-2008-1147 (A certain pseudo-random number generator (PRNG) algorithm that uses ...)
+	TODO: check
+CVE-2008-1146 (A certain pseudo-random number generator (PRNG) algorithm that uses ...)
+	TODO: check
+CVE-2008-1144
+	RESERVED
+CVE-2008-1143
+	RESERVED
+CVE-2008-1141 (Memory leak in DLMFENC.sys 1.0.0.26 in DESlock+ 3.2.6 and earlier ...)
+	TODO: check
+CVE-2008-1140 (DLMFDISK.sys 1.2.0.27 in DESlock+ 3.2.6 and earlier allows local users ...)
+	TODO: check
+CVE-2008-1139 (DESlock+ 3.2.6 and earlier, when DLMFENC.sys 1.0.0.26 and DLMFDISK.sys ...)
+	TODO: check
+CVE-2008-1138 (DLMFENC.sys 1.0.0.26 in DESlock+ 3.2.6 and earlier allows local users ...)
+	TODO: check
+CVE-2008-1137 (SQL injection vulnerability in the Garys Cookbook (com_garyscookbook) ...)
+	TODO: check
+CVE-2008-1136 (The Utils::runScripts function in src/utils.cpp in vdccm 0.92 through ...)
+	TODO: check
+CVE-2008-1135 (OMEGA (aka Omegasoft) INterneSErvicesLosungen (INSEL) 7 generates ...)
+	TODO: check
+CVE-2008-1134 (OMEGA (aka Omegasoft) INterneSErvicesLosungen (INSEL) 7 supports ...)
+	TODO: check
+CVE-2008-1133 (The Drupal.checkPlain function in Drupal 6.0 only escapes the first ...)
+	TODO: check
+CVE-2007-6706 (Unspecified vulnerability in nlnotes.dll in the client in IBM Lotus ...)
+	TODO: check
+CVE-2007-6705 (The WebSphere MQ XA 5.3 before FP13 and 6.0.x before 6.0.2.1 client ...)
+	TODO: check
+CVE-2007-6704 (Multiple cross-site scripting (XSS) vulnerabilities in F5 FirePass ...)
+	TODO: check
+CVE-2007-6703 (Unspecified vulnerability in vdccm before 0.10.1 in SynCE (SynCE-dccm) ...)
+	TODO: check
+CVE-2007-6702 (goform/QuickStart_c0 on the GoAhead Web Server on the FS4104-AW (aka ...)
+	TODO: check
+CVE-2003-1552 (Unrestricted file upload vulnerability in uploader.php in Uploader 1.1 ...)
+	TODO: check
+CVE-2003-1551 (Unspecified vulnerability in Novell GroupWise 6 SP3 WebAccess before ...)
+	TODO: check
+CVE-2003-1550 (XOOPS 2.0, and possibly earlier versions, allows remote attackers to ...)
+	TODO: check
+CVE-2003-1549 (Cross-site scripting (XSS) vulnerability in header.php in ...)
+	TODO: check
+CVE-2003-1548 (MyABraCaDaWeb 1.0.2 and earlier allows remote attackers to obtain ...)
+	TODO: check
+CVE-2003-1547 (Cross-site scripting (XSS) vulnerability in block-Forums.php in the ...)
+	TODO: check
+CVE-2003-1546 (Cross-site scripting (XSS) vulnerability in gbook.php in Filebased ...)
+	TODO: check
 CVE-2008-1271 [dovecot authentication bypass]
 	- dovecot 1:1.0.13-1
 	[etch] - dovecot <not-affected> (Vulnerable code not present)
@@ -8,14 +300,14 @@
 	- ldm 2:0.1~bzr20080308-1
 	- ltsp 5.0.40~bzr20071229-1
 	NOTE: In revision 5.0.40~bzr20071229-1 ldm has been split into a separate source package
-CVE-2008-1145 [File access vulnerability of WEBrick]
+CVE-2008-1145 (Directory traversal vulnerability in WEBrick 1.8 before 1.8.5-p115 and ...)
 	- ruby1.8 1.8.6.114-1 (unimportant; bug #469475)
 	- ruby1.9 <unfixed> (unimportant; bug #469482)
 	[sarge] - ruby1.8 <no-dsa> (case insensitive FS, corner case)
 	[etch] - ruby1.8 <no-dsa> (case insensitive FS, corner case)
 	[etch] - ruby1.9 <no-dsa> (case insensitive FS, corner case)
 	NOTE: http://www.ruby-lang.org/en/news/2008/03/03/webrick-file-access-vulnerability/
-CVE-2008-1199 [file disclosure in dovecot]
+CVE-2008-1199 (Dovecot before 1.0.11, when configured to use mail_extra_groups to ...)
 	- dovecot 1:1.0.12-1 (medium; bug #469457)
 CVE-2008-1132 (Untrusted search path vulnerability in src/mainwindow.c in Net ...)
 	NOT-FOR-US: Net Activity Viewer
@@ -82,18 +374,16 @@
 	RESERVED
 CVE-2008-1100
 	RESERVED
-CVE-2008-1099 [moin ACL bypass]
-	RESERVED
+CVE-2008-1099 (_macro_Getval in wikimacro.py in MoinMoin 1.5.8 and earlier does not ...)
 	{DSA-1514-1}
 	- moin 1.5.8-5.1
-CVE-2008-1098 [moin multiple xss]
-	RESERVED
+CVE-2008-1098 (Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1.5.8 ...)
 	{DSA-1514-1}
 	- moin 1.5.8-5.1
-CVE-2008-1097
-	RESERVED
-CVE-2008-1096
-	RESERVED
+CVE-2008-1097 (Heap-based buffer overflow in the ReadPCXImage function in the PCX ...)
+	TODO: check
+CVE-2008-1096 (The load_tile function in the XCF coder in coders/xcf.c in (1) ...)
+	TODO: check
 CVE-2008-1095 (Unspecified vulnerability in the Internet Protocol (IP) implementation ...)
 	NOT-FOR-US: Sun Solaris
 CVE-2008-1094
@@ -126,8 +416,8 @@
 	NOT-FOR-US: Opera
 CVE-2008-1080 (Opera before 9.26 allows user-assisted remote attackers to read ...)
 	NOT-FOR-US: Opera
-CVE-2008-1079
-	RESERVED
+CVE-2008-1079 (The outboxWriteUnsent function in FTPThread.class in SendFile.jar for ...)
+	TODO: check
 CVE-2008-1078 (expn in the am-utils and net-fs packages for Gentoo, rPath Linux, and ...)
 	- am-utils <not-affected> (Affected code not present in the binary package)
 	NOTE: sendmail includes a copy of the script, which has been fixed since
@@ -179,11 +469,11 @@
 	NOT-FOR-US: Symark PowerBroker
 CVE-2003-1545 (Absolute path traversal vulnerability in nukestyles.com viewpage.php ...)
 	NOT-FOR-US: nukestyles.com addon for PHP-Nuke
-CVE-2008-1111 [lighttpd sends cgi source if it fails to fork the cgi handler]
-	RESERVED
+CVE-2008-1111 (mod_cgi in lighttpd 1.4.18 sends the source code of CGI scripts ...)
 	{DSA-1513-1}
 	- lighttpd 1.4.18-3 (low; bug #469307)
 CVE-2008-1142 [insecure default behaviour in rxvt for handling DISPLAY variable]
+	RESERVED
 	- rxvt <unfixed> (unimportant; bug #469296)
 CVE-2008-XXXX [phpMyAdmin SQL injection through cookie]
 	- phpmyadmin 2.11.5-1 (low)
@@ -330,10 +620,10 @@
 	RESERVED
 CVE-2008-0987
 	RESERVED
-CVE-2008-0986
-	RESERVED
-CVE-2008-0985
-	RESERVED
+CVE-2008-0986 (Integer overflow in the BMP::readFromStream method in the libsgl.so ...)
+	TODO: check
+CVE-2008-0985 (Heap-based buffer overflow in the GIF library in the WebKit framework ...)
+	TODO: check
 CVE-2006-7232 (sql_select.cc in MySQL 5.0.x before 5.0.32 and 5.1.x before 5.1.14 ...)
 	- mysql-dfsg-4.1 <removed>
 	- mysql-dfsg-5.0 5.0.32-1
@@ -696,8 +986,7 @@
 	NOT-FOR-US: Thecus N5200Pro NAS Server
 CVE-2008-0983 (lighttpd 1.4.18, and possibly other versions before 1.5.0, does not ...)
 	- lighttpd 1.4.18-2 (medium; bug #466663)
-CVE-2008-0883 [tmp race]
-	RESERVED
+CVE-2008-0883 (acroread in Adobe Acrobat Reader 8.1.2 allows local users to overwrite ...)
 	NOT-FOR-US: Adobe Acrobat Reader
 	NOTE: http://www.openwall.com/lists/oss-security/2008/02/21/5
 CVE-2008-0803 (Multiple PHP remote file inclusion vulnerabilities in LookStrike Lan ...)
@@ -2445,8 +2734,7 @@
 	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2008-0073
 	RESERVED
-CVE-2008-0072 [Evolution Encrypted Message Version Format String Vulnerability]
-	RESERVED
+CVE-2008-0072 (Format string vulnerability in the emf_multipart_encrypted function in ...)
 	{DSA-1512-1}
 	- evolution 2.12.3-1.1
 	NOTE: SA29057
@@ -4143,9 +4431,9 @@
 	{DSA-1470-1}
 	- horde3 3.1.6-1 (bug #461131; low)
 	- imp4 <not-affected> (xss.php is only present in horde3 package)
-CVE-2007-6017 (A Symantec ActiveX control related to the scheduler component in the ...)
+CVE-2007-6017 (The PVATLCalendar.PVCalendar.1 ActiveX control in pvcalendar.ocx in ...)
 	NOT-FOR-US: Symantec Backup Exec
-CVE-2007-6016 (Multiple stack-based buffer overflows in a Symantec ActiveX control ...)
+CVE-2007-6016 (Multiple stack-based buffer overflows in the ...)
 	NOT-FOR-US: Symantec Backup Exec
 CVE-2007-6015 (Stack-based buffer overflow in the send_mailslot function in nmbd in ...)
 	{DSA-1427-1 DTSA-100-1}
@@ -6378,7 +6666,7 @@
 	NOT-FOR-US: NITE ftp-server
 CVE-2003-1348 (Cross-site scripting (XSS) vulnerability in guestbook.cgi in ftls.org ...)
 	NOT-FOR-US: Guestbook
-CVE-2003-1347 (Cross-site scripting (XSS) vulnerability in Geeklog 1.3.7 allows ...)
+CVE-2003-1347 (Multiple cross-site scripting (XSS) vulnerabilities in Geeklog 1.3.7 ...)
 	NOT-FOR-US: Geeklog
 CVE-2003-1346 (D-Link wireless access point DWL-900AP+ 2.2, 2.3 and possibly 2.5 ...)
 	NOT-FOR-US: DWL-900AP
@@ -15522,7 +15810,7 @@
 	- pcre3 7.3-1
 	- glib2.0 2.14.3-1 (unimportant)
 	NOTE: glib only embeds pcre in the udeb, no attack vector
-CVE-2007-1660 (Perl-Compatible Regular Expression (PCRE) library before 7.3 does not ...)
+CVE-2007-1660 (Perl-Compatible Regular Expression (PCRE) library before 7.0 does not ...)
 	{DSA-1399-1 DTSA-77-1}
 	- pcre3 7.3-1
 	- glib2.0 2.14.3-1 (unimportant)




More information about the Secure-testing-commits mailing list