[Secure-testing-commits] r12619 - data/CVE

Giuseppe Iuculano derevko-guest at alioth.debian.org
Mon Aug 17 07:52:43 UTC 2009


Author: derevko-guest
Date: 2009-08-17 07:52:43 +0000 (Mon, 17 Aug 2009)
New Revision: 12619

Modified:
   data/CVE/list
Log:
new xerces DoS issue

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-08-17 07:47:49 UTC (rev 12618)
+++ data/CVE/list	2009-08-17 07:52:43 UTC (rev 12619)
@@ -2598,7 +2598,9 @@
 	[etch] - samba <not-affected> (Vulnerable code not present)
 	NOTE: Only the 3.2.x branch was affected, so marking 3.3 as affected
 CVE-2009-1885 (Stack consumption vulnerability in validators/DTD/DTDScanner.cpp in ...)
-	TODO: check
+	- xerces-c <unfixed> (low; bug #540297)
+	- xerces-c2 <unfixed> (low; bug #541986)
+	- xerces27 <removed>
 CVE-2009-1884
 	RESERVED
 CVE-2009-1883




More information about the Secure-testing-commits mailing list