[Secure-testing-commits] r10412 - data/CVE

jmm-guest at alioth.debian.org jmm-guest at alioth.debian.org
Tue Nov 18 09:06:50 UTC 2008 

Author: jmm-guest
Date: 2008-11-18 09:06:49 +0000 (Tue, 18 Nov 2008)
New Revision: 10412

Modified:
   data/CVE/list
Log:
- new kernel issue
- trac fixed
- typo3 issue only a third party extension


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-11-18 09:02:07 UTC (rev 10411)
+++ data/CVE/list	2008-11-18 09:06:49 UTC (rev 10412)
@@ -7,10 +7,7 @@
 CVE-2008-5097 (SQL injection vulnerability in index.php in MyFWB 1.0 allows remote ...)
 	NOT-FOR-US: MyFWB
 CVE-2008-5096 (Unspecified vulnerability in the TYPO3 File List (file_list) extension ...)
-	- typo3-src-4.2 <unfixed> (bug #506079; medium)
-	- typo3-src-4.0 <unfixed> (bug #506080; medium)
-	NOTE: upstream is not going to fix the bug,
-	NOTE: they recommend to remove the extension until it is not fixed.
+	NOT-FOR-US: Typo3 third party extension "file_list"
 CVE-2008-5095 (Cross-site scripting (XSS) vulnerability in the Novell User ...)
 	NOT-FOR-US: Novell User Application
 CVE-2008-5094 (Heap-based buffer overflow in the NDS Service in Novell eDirectory ...)
@@ -138,8 +135,9 @@
 	- websvn 2.0-4 (bug #503330)
 	NOTE: http://www.gulftech.org/?node=research&article_id=00132-10202008
 CVE-2008-5033 (The chip_command function in drivers/media/video/tvaudio.c in the ...)
-	- linux-2.6 2.6.26-10
-	- linux-2.6.24 <unfixed>
+	- linux-2.6 2.6.26-11
+	[etch] - linux-2.6.24 <not-affected> (Vulnerable code not present; different ioctls3B)
+	[etch] - linux-2.6 <not-affected> (Vulnerable code not present; different ioctls)
 CVE-2008-5031 (Multiple integer overflows in Python 2.5.2 allow context-dependent ...)
 	- python2.5 2.5.2-11.1
 	TODO: check python2.4
@@ -196,7 +194,7 @@
 	- linux-2.6 2.6.26-11
 	- linux-2.6.24 <unfixed>
 CVE-2008-XXXX [Trac Multiple Vulnerabilities]
-	- trac <unfixed> (bug #505197)
+	- trac 0.11.1-2.1 (bug #505197)
 CVE-2008-5008 (Buffer overflow in src/src_sinc.c in Secret Rabbit Code (aka SRC or ...)
 	- libsamplerate 0.1.4-1
 CVE-2008-5006 (smtp.c in the c-client library in University of Washington IMAP ...)

More information about the Secure-testing-commits mailing list