[Secure-testing-commits] r8355 - data/CVE

jmm-guest at alioth.debian.org jmm-guest at alioth.debian.org
Mon Mar 17 17:02:45 UTC 2008 

Author: jmm-guest
Date: 2008-03-17 17:02:44 +0000 (Mon, 17 Mar 2008)
New Revision: 8355

Modified:
   data/CVE/list
Log:
- kfreebsd not supported yet
- three latest wireshark issues don't affect stable or etch
- moin temp issue CVEfied some weeks ago


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-03-17 16:48:19 UTC (rev 8354)
+++ data/CVE/list	2008-03-17 17:02:44 UTC (rev 8355)
@@ -292,14 +292,17 @@
 	NOTE: rare and unwise. low priority.
 CVE-2008-1148 (A certain pseudo-random number generator (PRNG) algorithm that uses ...)
 	- kfreebsd-5 <removed>
+	[etch] - kfreebsd-5 <no-dsa> (KFreebsd not supported)
 	- kfreebsd-6 <unfixed>
 	- kfreebsd-7 <unfixed>
 CVE-2008-1147 (A certain pseudo-random number generator (PRNG) algorithm that uses ...)
 	- kfreebsd-5 <removed>
+	[etch] - kfreebsd-5 <no-dsa> (KFreebsd not supported)
 	- kfreebsd-6 <unfixed>
 	- kfreebsd-7 <unfixed>
 CVE-2008-1146 (A certain pseudo-random number generator (PRNG) algorithm that uses ...)
 	- kfreebsd-5 <removed>
+	[etch] - kfreebsd-5 <no-dsa> (KFreebsd not supported)
 	- kfreebsd-6 <unfixed>
 	- kfreebsd-7 <unfixed>
 CVE-2008-1144
@@ -499,10 +502,16 @@
 	NOT-FOR-US: Internet Security Systems
 CVE-2008-1072 (The TFTP dissector in Wireshark (formerly Ethereal) 0.6.0 through ...)
 	- wireshark 0.99.8-1 (low; bug #469488)
+	[etch] - wireshark <not-affected> (Only affected in conjunction with later libcairo)
+	[sarge] - ethereal <not-affected> (Only affected in conjunction with later libcairo)
 CVE-2008-1071 (The SNMP dissector in Wireshark (formerly Ethereal) 0.99.6 through ...)
 	- wireshark 0.99.8-1 (low; bug #469488)
+	[etch] - wireshark <not-affected> (Only affects 0.99.6 onwards)
+	[sarge] - ethereal <not-affected> (Only affects 0.99.6 onwards)
 CVE-2008-1070 (The SCTP dissector in Wireshark (formerly Ethereal) 0.99.5 through ...)
 	- wireshark 0.99.8-1 (low; bug #469488)
+	[etch] - wireshark <not-affected> (Only affects 0.99.5 onwards)
+	[sarge] - ethereal <not-affected> (Only affects 0.99.5 onwards)
 CVE-2008-1069 (Multiple PHP remote file inclusion vulnerabilities in Quantum Game ...)
 	NOT-FOR-US: Quantum Game Library
 CVE-2008-1068 (Multiple PHP remote file inclusion vulnerabilities in Portail Web Php ...)
@@ -8162,8 +8171,6 @@
 	NOT-FOR-US: Plesk (Windows)
 CVE-2007-XXXX [libgd2: gdImageColorTransparent can write outside buffer]
 	- libgd2 2.0.35.dfsg-3
-CVE-2007-XXXX [moin cross site scripting]
-	- moin 1.5.8-3 (low)
 CVE-2007-XXXX [mondo insecure handling of temporary files]
 	- mondo 2.24-2 (low)
 CVE-2007-4891 (A certain ActiveX control in PDWizard.ocx 6.0.0.9782 and earlier in ...)

More information about the Secure-testing-commits mailing list