[Secure-testing-commits] r10537 - data/CVE

sf at alioth.debian.org sf at alioth.debian.org
Sat Nov 29 22:54:26 UTC 2008


Author: sf
Date: 2008-11-29 22:54:25 +0000 (Sat, 29 Nov 2008)
New Revision: 10537

Modified:
   data/CVE/list
Log:
new valgrind issue
new linux issues
NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-11-29 22:19:32 UTC (rev 10536)
+++ data/CVE/list	2008-11-29 22:54:25 UTC (rev 10537)
@@ -156,7 +156,8 @@
 	- cups 1.3.8-1
 	TODO: check if version in etch is affected
 CVE-2008-5182 (The inotify functionality in Linux kernel 2.6 before 2.6.28-rc5 might ...)
-	TODO: check
+	- linux-2.6 <unfixed>
+	[etch] - linux-2.6.24 <unfixed>
 CVE-2008-5181 (Microsoft Communicator allows remote attackers to cause a denial of ...)
 	NOT-FOR-US: Microsoft Communicator
 CVE-2008-5180 (Microsoft Communicator allows remote attackers to cause a denial of ...)
@@ -282,7 +283,8 @@
 CVE-2008-5135 (** DISPUTED ** ...)
 	- os-prober <unfixed> (unimportant)
 CVE-2008-5134 (Buffer overflow in the lbs_process_bss function in ...)
-	TODO: check
+	- linux-2.6 <unfixed>
+	[etch] - linux-2.6.24 <unfixed>
 CVE-2008-5133 (ipnat in IP Filter in Sun Solaris 10 and OpenSolaris before snv_96, ...)
 	NOT-FOR-US: ipnat
 CVE-2008-5183 (cupsd in CUPS before 1.3.8 allows local users, and possibly remote ...)
@@ -333,7 +335,7 @@
 CVE-2008-5111 (Unspecified vulnerability in the socket function in Sun Solaris 10 and ...)
 	NOT-FOR-US: Solaris
 CVE-2008-5109 (The default configuration of Adobe Flash Media Server (FMS) 3.0 does ...)
-	TODO: check
+	NOT-FOR-US: Adobe Flash
 CVE-2008-5108 (Unspecified vulnerability in Adobe AIR 1.1 and earlier allows ...)
 	NOT-FOR-US: Adobe AIR
 CVE-2008-5107 (The installation process for Citrix Presentation Server 4.5 and ...)
@@ -854,7 +856,7 @@
 	- gstreamer0.10-ffmpeg 0.10.3-2
 	[etch] - gstreamer0.10-ffmpeg <not-affected> (Vulnerable code not present)
 CVE-2008-4865 (Untrusted search path vulnerability in valgrind allows local users to ...)
-	TODO: check
+	- valgrind <unfixed> (low; bug filed)
 CVE-2008-4864 (Multiple integer overflows in imageop.c in the imageop module in ...)
 	- python2.5 2.5.2-12 (bug #504619)
 	- python2.4 2.4.5-6 (bug #504620)
@@ -952,15 +954,15 @@
 CVE-2008-4818 (Cross-site scripting (XSS) vulnerability in Adobe Flash Player ...)
 	TODO: check
 CVE-2008-4817 (The Download Manager in Adobe Acrobat Professional and Reader 8.1.2 ...)
-	TODO: check
+	NOT-FOR-US: Adobe Acrobat
 CVE-2008-4816 (Unspecified vulnerability in the Download Manager in Adobe Reader ...)
 	NOT-FOR-US: Adobe Reader on Windows
 CVE-2008-4815 (Untrusted search path vulnerability in Adobe Reader and Acrobat 8.1.2 ...)
-	TODO: check
+	NOT-FOR-US: Adobe Acrobat
 CVE-2008-4814 (Unspecified vulnerability in a JavaScript method in Adobe Reader and ...)
-	TODO: check
+	NOT-FOR-US: Adobe Acrobat
 CVE-2008-4813 (Adobe Reader and Acrobat 8.1.2 and earlier allow remote attackers to ...)
-	TODO: check
+	NOT-FOR-US: Adobe Acrobat
 CVE-2008-4812 (Array index error in Adobe Reader and Acrobat, and the Explorer ...)
 	NOT-FOR-US: Adobe Reader Explorer extension
 CVE-2008-4811 (The _expand_quoted_text function in libs/Smarty_Compiler.class.php in ...)




More information about the Secure-testing-commits mailing list