[Secure-testing-commits] r8698 - data/CVE

[nion at alioth.debian.org]

Author: nion
Date: 2008-05-04 11:04:45 +0000 (Sun, 04 May 2008)
New Revision: 8698

Modified:
   data/CVE/list
Log:
NFUs
CVE-2007-0071 fixed in flashplugin-nonfree 1:1.4


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-05-04 08:24:10 UTC (rev 8697)
+++ data/CVE/list	2008-05-04 11:04:45 UTC (rev 8698)
@@ -3005,7 +3005,7 @@
 CVE-2008-0713
 	RESERVED
 CVE-2008-0712 (Unspecified vulnerability in the HP HPeDiag (aka eSupportDiagnostics) ...)
-	TODO: check
+	NOT-FOR-US: HP HPeDiag
 CVE-2008-0711 (Unspecified vulnerability in the embedded management console in HP ...)
 	NOT-FOR-US: HP iLO-2 management processors
 CVE-2008-0710
@@ -3351,7 +3351,7 @@
 CVE-2008-0556 (Cross-site request forgery (CSRF) vulnerability in OpenCA PKI 0.9.2.5, ...)
 	NOT-FOR-US: OpenCA PKI Project
 CVE-2008-0555 (The ExpandCert function in Apache-SSL before apache_1.3.41+ssl_1.59 ...)
-	TODO: check
+	NOT-FOR-US: Apache-SSL
 CVE-2008-0552 (Cross-site scripting (XSS) vulnerability in index.php in eTicket ...)
 	NOT-FOR-US: eTicket
 CVE-2008-0551 (The NamoInstaller.NamoInstall.1 ActiveX control in NamoInstaller.dll ...)
@@ -5676,7 +5676,7 @@
 CVE-2007-6256
 	RESERVED
 CVE-2007-6255 (Buffer overflow in the Microsoft HeartbeatCtl ActiveX control in ...)
-	TODO: check
+	NOT-FOR-US: Microsoft HRTBEAT.OCX
 CVE-2007-6254 (Stack-based buffer overflow in the SAP Business Objects ...)
 	NOT-FOR-US: SAP
 CVE-2007-6253 (Multiple buffer overflows in Adobe Form Designer 5.0 and Form Client ...)
@@ -22030,7 +22030,8 @@
 CVE-2007-0072
 	RESERVED
 CVE-2007-0071 (Integer overflow in Adobe Flash Player 9.0.115.0 and earlier, and ...)
-	TODO: check
+	- flashplugin-nonfree 1:1.4
+	NOTE: Fix came from Adobe via new Adobe Flash Player, debian package didn't change
 CVE-2007-0070
 	RESERVED
 CVE-2007-0069 (Unspecified vulnerability in the kernel in Microsoft Windows XP SP2, ...)