[Secure-testing-commits] r9860 - data/CVE
stef-guest at alioth.debian.org
stef-guest at alioth.debian.org
Mon Sep 22 07:20:40 UTC 2008
Author: stef-guest
Date: 2008-09-22 07:20:39 +0000 (Mon, 22 Sep 2008)
New Revision: 9860
Modified:
data/CVE/list
Log:
various kernel issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-09-21 21:14:09 UTC (rev 9859)
+++ data/CVE/list 2008-09-22 07:20:39 UTC (rev 9860)
@@ -3,7 +3,8 @@
CVE-2008-4114 (srv.sys in Microsoft Windows Vista SP1 allows remote attackers to ...)
NOT-FOR-US: Microsoft Windows
CVE-2008-4113 (The sctp_getsockopt_hmac_ident function in net/sctp/socket.c in the ...)
- TODO: check
+ - linux-2.6 2.6.26-5
+ [etch] - linux-2.6.24 <unfixed>
CVE-2008-4112 (Directory traversal vulnerability in bin/configure in TWiki before ...)
- twiki <unfixed> (low)
NOTE: access to configure script is restricted to localhost on Debian
@@ -493,7 +494,8 @@
CVE-2008-3891 (The SAML Single Sign-On (SSO) Service for Google Apps allows remote ...)
NOT-FOR-US: SAML Service for Google Apps
CVE-2008-3890 (The kernel in FreeBSD 6.3 through 7.0 on amd64 platforms can make an ...)
- TODO: check
+ - kfreebsd-6 6.3-7
+ - kfreebsd-7 7.0-5
CVE-2008-3888 (SQL injection vulnerability in members.asp in Mini-NUKE Freehost 2.3 ...)
NOT-FOR-US: Mini-NUKE Freehost
CVE-2008-3887 (Multiple SQL injection vulnerabilities in index.php in dotProject ...)
@@ -1403,9 +1405,10 @@
- yelp 2.22.1-4 (low)
[etch] - yelp <not-affected> (Vulnerable code not present)
CVE-2008-3531 (Stack-based buffer overflow in sys/kern/vfs_mount.c in the kernel in ...)
- TODO: check
+ - kfreebsd-7 7.0-5
CVE-2008-3530 (sys/netinet6/icmp6.c in the kernel in FreeBSD 6.3 through 7.1 does not ...)
- TODO: check
+ - kfreebsd-6 6.3-7
+ - kfreebsd-7 7.0-5
CVE-2008-3529 (Heap-based buffer overflow in the xmlParseAttValueComplex function in ...)
- libxml2 <unfixed> (bug #498768)
CVE-2008-3528
@@ -1417,7 +1420,8 @@
- linux-2.6 2.6.26-4
[etch] - linux-2.6 <not-affected>
CVE-2008-3525 (The sbni_ioctl function in drivers/net/wan/sbni.c in the wan subsystem ...)
- TODO: check
+ - linux-2.6 <unfixed>
+ - linux-2.6.24 <unfixed>
CVE-2008-3524
RESERVED
CVE-2008-3523
@@ -1963,7 +1967,7 @@
- linux-2.6 <unfixed>
NOTE: d70b67c8bc72ee23b55381bd6a884f4796692f77
CVE-2008-3274 (The default configuration of Red Hat Enterprise IPA 1.0.0 and FreeIPA ...)
- TODO: check
+ NOT-FOR-US: FreeIPA
CVE-2008-3273 (JBoss Enterprise Application Platform (aka JBossEAP or EAP) before ...)
NOT-FOR-US: JBoss
CVE-2008-3272 (The snd_seq_oss_synth_make_info function in ...)
@@ -2399,7 +2403,7 @@
CVE-2008-3102
RESERVED
CVE-2008-3101 (Multiple cross-site scripting (XSS) vulnerabilities in vtiger CRM ...)
- TODO: check
+ NOT-FOR-US: vtiger CRM
CVE-2008-3100 (Cross-site scripting (XSS) vulnerability in lib/owl.lib.php in Steve ...)
- owl-dms 0.95-1.1 (low; bug #493579)
CVE-2008-3099
More information about the Secure-testing-commits
mailing list