[Secure-testing-commits] r11742 - data/CVE

Joey Hess joeyh at alioth.debian.org
Wed Apr 29 09:14:20 UTC 2009 

Author: joeyh
Date: 2009-04-29 09:14:19 +0000 (Wed, 29 Apr 2009)
New Revision: 11742

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-04-29 07:01:42 UTC (rev 11741)
+++ data/CVE/list	2009-04-29 09:14:19 UTC (rev 11742)
@@ -808,8 +808,8 @@
 	NOT-FOR-US: 2wire
 CVE-2009-1241 (Unspecified vulnerability in ClamAV before 0.95 allows remote ...)
 	- clamav 0.95+dfsg-1 (medium; bug #526042)
-        [etch] - clamav <not-affected> (debian package does not use the rar code in clamav at the current time)
-        [lenny] - clamav <not-affected> (debian package does not use the rar code in clamav at the current time) 
+	[etch] - clamav <not-affected> (debian package does not use the rar code in clamav at the current time)
+	[lenny] - clamav <not-affected> (debian package does not use the rar code in clamav at the current time) 
 CVE-2009-1240 (Unspecified vulnerability in the IBM Proventia engine 4.9.0.0.44 ...)
 	NOT-FOR-US: IBM Proventia
 CVE-2009-1239 (IBM DB2 9.1 before FP7 returns incorrect query results in certain ...)
@@ -4344,6 +4344,7 @@
 	- cyrus-sasl2 2.1.22.dfsg1-18 (bug #465561)
 	[etch] - cyrus-sasl2 <no-dsa> (Minor issue)
 CVE-2009-0385 (Integer signedness error in the fourxm_read_header function in ...)
+	{DSA-1782-1 DSA-1781-1}
 	- ffmpeg-debian 0.svn20080206-16 (medium; bug #524799)
 	- ffmpeg <removed> 
 	- mplayer 1.0~rc2-14 (medium; bug #524805)
@@ -6215,7 +6216,7 @@
 CVE-2008-5486 (SQL injection vulnerability in admin.php in TurnkeyForms Text Link ...)
 	NOT-FOR-US: TurnkeyForms Text Link Sales
 CVE-2008-5616 (Stack-based buffer overflow in the demux_open_vqf function in ...)
-	{DTSA-181-1}
+	{DSA-1782-1 DTSA-181-1}
 	- mplayer 1.0~rc2-19 (low; bug #508803)
 CVE-2008-XXXX [axel URL parser buffer overflow]
 	- axel 2.2 (unimportant)
@@ -7774,6 +7775,7 @@
 	- gstreamer0.10-ffmpeg 0.10.3-2
 	[etch] - gstreamer0.10-ffmpeg <not-affected> (Vulnerable code not present)
 CVE-2008-4866 (Multiple buffer overflows in libavformat/utils.c in FFmpeg 0.4.9 ...)
+	{DSA-1782-1}
 	- ffmpeg-debian 0.svn20080206-14 (bug #504977)
 	[etch] - ffmpeg <not-affected> (Vulnerable code not present)
 	- mplayer 1.0~rc2-14
@@ -11951,6 +11953,7 @@
 CVE-2008-3163 (Directory traversal vulnerability in dodosmail.php in DodosMail 2.5 ...)
 	NOT-FOR-US: DodosMail
 CVE-2008-3162 (Stack-based buffer overflow in the str_read_packet function in ...)
+	{DSA-1781-1}
 	- ffmpeg-debian 0.svn20080206-10 (bug #489965; low)
 	- ffmpeg <removed>
 	TODO: Check the various embedders in Etch, horray for librification in Lenny

More information about the Secure-testing-commits mailing list