[Secure-testing-commits] r12552 - data/CVE
Nico Golde
nion at alioth.debian.org
Mon Aug 10 18:09:16 UTC 2009
Author: nion
Date: 2009-08-10 18:09:16 +0000 (Mon, 10 Aug 2009)
New Revision: 12552
Modified:
data/CVE/list
Log:
add new libxml issues (CVE-2009-2416, CVE-2009-2414)
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-08-10 17:06:45 UTC (rev 12551)
+++ data/CVE/list 2009-08-10 18:09:16 UTC (rev 12552)
@@ -961,8 +961,10 @@
RESERVED
CVE-2009-2417
RESERVED
-CVE-2009-2416
+CVE-2009-2416 [libxml2 pointer-user-after-free]
RESERVED
+ - libxml2 <unfixed> (low; bug #540865)
+ [etch] - libxml <unfixed>
CVE-2009-2415 [heap-based buffer overflow in memcached]
RESERVED
{DSA-1853-1}
@@ -971,8 +973,10 @@
NOTE: the impact varies, on etch this runs as root and is not bound
NOTE: to the loopback interface by default, memcached is even distributed
NOTE: but fortunately not in a stable release.
-CVE-2009-2414
+CVE-2009-2414 [libxml2 stack recursion]
RESERVED
+ - libxml2 <unfixed> (medium; bug #540865)
+ [etch] - libxml <unfixed>
CVE-2009-2413
RESERVED
CVE-2009-2412 (Multiple integer overflows in the Apache Portable Runtime (APR) ...)
More information about the Secure-testing-commits
mailing list