[Secure-testing-commits] r9993 - data/CVE

jmm-guest at alioth.debian.org jmm-guest at alioth.debian.org
Sat Oct 4 12:49:06 UTC 2008


Author: jmm-guest
Date: 2008-10-04 12:49:05 +0000 (Sat, 04 Oct 2008)
New Revision: 9993

Modified:
   data/CVE/list
Log:
Lenny triage:
- older kernel issue fixed
- kfreebsd still unsupported in Lenny
- ffmpeg crasher unimportant


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-10-04 10:44:30 UTC (rev 9992)
+++ data/CVE/list	2008-10-04 12:49:05 UTC (rev 9993)
@@ -2825,8 +2825,9 @@
 CVE-2008-3231 (xine before 1.1.5 allows user-assisted attackers to cause a denial of ...)
 	- xine-lib 1.1.14-2 (bug #492870; low)
 CVE-2008-3230 (The ffmpeg lavf demuxer allows user-assisted attackers to cause a ...)
-	- ffmpeg-debian <unfixed> (low; bug #498764)
+	- ffmpeg-debian <unfixed> (unimportant; bug #498764)
 	- ffmpeg <removed>
+        NOTE: Only a NULL pointer deference, hardly security relevant
 CVE-2008-3228 (Joomla! before 1.5.4 does not configure .htaccess to apply certain ...)
 	- joomla <itp> (bug #326398)
 CVE-2008-3227 (Unspecified vulnerability in Joomla! before 1.5.4 has unknown impact ...)
@@ -7708,17 +7709,23 @@
 	- kfreebsd-5 <removed>
 	[etch] - kfreebsd-5 <no-dsa> (KFreebsd not supported)
 	- kfreebsd-6 <unfixed>
+	[lenny] - kfreebsd-6 <no-dsa> (KFreebsd not supported)
 	- kfreebsd-7 <unfixed> (bug #483152)
+	[lenny] - kfreebsd-7 <no-dsa> (KFreebsd not supported)
 CVE-2008-1147 (A certain pseudo-random number generator (PRNG) algorithm that uses ...)
 	- kfreebsd-5 <removed>
 	[etch] - kfreebsd-5 <no-dsa> (KFreebsd not supported)
 	- kfreebsd-6 <unfixed>
+	[lenny] - kfreebsd-6 <no-dsa> (KFreebsd not supported)
 	- kfreebsd-7 <unfixed> (bug #483152)
+	[lenny] - kfreebsd-7 <no-dsa> (KFreebsd not supported)
 CVE-2008-1146 (A certain pseudo-random number generator (PRNG) algorithm that uses ...)
 	- kfreebsd-5 <removed>
 	[etch] - kfreebsd-5 <no-dsa> (KFreebsd not supported)
 	- kfreebsd-6 <unfixed> (bug #483152)
+	[lenny] - kfreebsd-6 <no-dsa> (KFreebsd not supported)
 	- kfreebsd-7 <unfixed> (bug #483152)
+	[lenny] - kfreebsd-7 <no-dsa> (KFreebsd not supported)
 CVE-2008-1144 (The Marvell driver for the Netgear WN802T Wi-Fi access point with ...)
 	NOT-FOR-US: Marvell driver for the Netgear WN802T Wi-Fi access point
 CVE-2008-1143
@@ -18468,7 +18475,7 @@
 	NOTE: Only DoS by memleaks or double-frees, not treated as security problems
 CVE-2007-3740 (The CIFS filesystem in the Linux kernel before 2.6.22, when Unix ...)
 	{DSA-1504-1 DSA-1378-2 DSA-1378-1}
-	- linux-2.6 <unfixed>
+	- linux-2.6 2.6.22
 CVE-2007-3739 (mm/mmap.c in the hugetlb kernel, when run on PowerPC systems, does not ...)
 	{DSA-1504-1 DSA-1378-2 DSA-1378-1}
 	- linux-2.6 2.6.20-1




More information about the Secure-testing-commits mailing list