[Secure-testing-commits] r9798 - data/CVE
nion at alioth.debian.org
nion at alioth.debian.org
Thu Sep 11 10:50:45 UTC 2008
Author: nion
Date: 2008-09-11 10:50:44 +0000 (Thu, 11 Sep 2008)
New Revision: 9798
Modified:
data/CVE/list
Log:
COMMAND issue in gmanedit non-issue, utf8 conversion overflow got CVE-2008-3971
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-09-11 10:15:35 UTC (rev 9797)
+++ data/CVE/list 2008-09-11 10:50:44 UTC (rev 9798)
@@ -93,7 +93,7 @@
CVE-2008-3972 (pkcs15-tool in OpenSC before 0.11.6 does not apply security updates to ...)
TODO: check
CVE-2008-3971 (Heap-based buffer overflow in the open_man_file function in ...)
- TODO: check
+ - gmanedit <unfixed> (medium; bug #497835)
CVE-2008-3970 (pam_mount 0.10 through 0.45, when luserconf is enabled, does not ...)
TODO: check
CVE-2008-3969 (Multiple unspecified vulnerabilities in BitlBee before 1.2.3 allow ...)
@@ -228,11 +228,8 @@
CVE-2008-3914 (Multiple unspecified vulnerabilities in ClamAV before 0.94 have ...)
- clamav 0.94.dfsg-1
CVE-2008-XXXX [buffer overflow via crafted configuration file (COMMAND)]
- - gmanedit <unfixed> (low; bug #497835)
- NOTE: CVE id requested
-CVE-2008-XXXX [buffer overflow via crafted manual page caused by utf8 conversion]
- - gmanedit <unfixed> (medium; bug #497835)
- NOTE: CVE id requested
+ - gmanedit <unfixed> (unimportant; bug #497835)
+ NOTE: you can execute commands via this with a valid configuration string anyway
CVE-2008-3934 (Unspecified vulnerability in Wireshark (formerly Ethereal) 0.99.6 ...)
- wireshark <unfixed> (bug #497878)
CVE-2008-3933 (Wireshark (formerly Ethereal) 0.10.14 through 1.0.2 allows attackers ...)
More information about the Secure-testing-commits
mailing list