[Secure-testing-commits] r10430 - data/CVE
jmm-guest at alioth.debian.org
jmm-guest at alioth.debian.org
Wed Nov 19 22:43:49 UTC 2008
Author: jmm-guest
Date: 2008-11-19 22:43:48 +0000 (Wed, 19 Nov 2008)
New Revision: 10430
Modified:
data/CVE/list
Log:
dnspython no-dsa
new cups issue doesn't affect etch
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-11-19 22:30:38 UTC (rev 10429)
+++ data/CVE/list 2008-11-19 22:43:48 UTC (rev 10430)
@@ -56,6 +56,7 @@
TODO: check
CVE-2008-XXXX [cupsd crashes when more than 100 rss subscriptions are added]
- cups <unfixed> (bug #506180)
+ [etch] - cupsys <not-affected> (RSS subscription code not yet present)
CVE-2008-XXXX [no-ip DUC remote code execution]
- no-ip <unfixed> (bug #506179)
CVE-2008-5132 (SQL injection vulnerability in inc/ajax/ajax_rating.php in MemHT ...)
@@ -8716,6 +8717,7 @@
- pdnsd 1.2.6-par-11 (bug #502275)
- python-dns 2.3.1-5 (low; bug #490217)
- dnspython <unfixed> (low; bug #492465)
+ [lenny] - dnspython <no-dsa> (Just a stub resolver, Linux kernel provides source port randomisation)
- adns 1.4-2 (unimportant; bug #492698)
NOTE: adns is not suitable to use with untrusted responses, documented in README.Debian
- udns <unfixed> (bug #493599)
More information about the Secure-testing-commits
mailing list