[Secure-testing-commits] r10201 - data/CVE

jmm-guest at alioth.debian.org jmm-guest at alioth.debian.org
Wed Oct 29 17:33:15 UTC 2008


Author: jmm-guest
Date: 2008-10-29 17:33:06 +0000 (Wed, 29 Oct 2008)
New Revision: 10201

Modified:
   data/CVE/list
Log:
balazar3 fixed
dovecot fixed


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-10-29 11:19:25 UTC (rev 10200)
+++ data/CVE/list	2008-10-29 17:33:06 UTC (rev 10201)
@@ -63,9 +63,7 @@
 CVE-2008-4748 (Format string vulnerability in the URI handler in KVirc 3.4.0, when ...)
 	- kvirc 2:3.4.0-3 (bug #503401)
 CVE-2008-XXXX [balazar3: insecure temp file handling]
-	- blazar3 <not-affected> (Package is in experimental)
-	NOTE: balazar3 is in experimental, see bug #503750
-	NOTE: Temp issues can't be marked as NFUs
+	- balazar3 0.1-2 (bug #503750)
 CVE-2008-4775 [XSS in phpmyadmin via db parameter in pmd_pdf.php]
 	- phpmyadmin <unfixed> (unimportant)
 	NOTE: relies on register_globals being on which is not supported by Debian
@@ -426,7 +424,7 @@
 	- dovecot <unfixed> (low; bug #502967)
 	[etch] - dovecot <no-dsa> (Minor issue)
 CVE-2008-4577 (The ACL plugin in Dovecot before 1.1.4 treats negative access rights ...)
-	- dovecot <unfixed> (low; bug #502967)
+	- dovecot 1:1.0.15-2.2 (low; bug #502967)
 	[etch] - dovecot <no-dsa> (Minor issue)
 CVE-2008-4576 (sctp in Linux kernel before 2.6.25.18 allows remote attackers to cause ...)
 	- linux-2.6 2.6.26-9
@@ -6997,9 +6995,8 @@
 	NOT-FOR-US: Skype
 CVE-2008-1804 (preprocessors/spp_frag3.c in Sourcefire Snort before 2.8.1 does not ...)
 	- snort 2.7.0-20 (low; bug #483160)
+	[lenny] - snort 2.7.0-20.2 (low; bug #483160)
 	[etch] - snort <not-affected> (Only 2.6 and 2.8 are affected)
-	[lenny] - snort 2.7.0-20.2
-	NOTE: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=701
 CVE-2008-1803 (Integer signedness error in the xrealloc function (rdesktop.c) in ...)
 	{DSA-1573-1}
 	- rdesktop 1.5.0-4+cvs20071006 (bug #480135)




More information about the Secure-testing-commits mailing list