[Secure-testing-commits] r12652 - data/CVE

Giuseppe Iuculano derevko-guest at alioth.debian.org
Fri Aug 21 10:27:31 UTC 2009 

Author: derevko-guest
Date: 2009-08-21 10:27:30 +0000 (Fri, 21 Aug 2009)
New Revision: 12652

Modified:
   data/CVE/list
Log:
NFU
some chromium-browser issues
CVE-2009-1896: openjdk-6 affected
CVE-2009-1884: libcompress-raw-bzip2-perl Off-by-one error


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-08-21 07:50:25 UTC (rev 12651)
+++ data/CVE/list	2009-08-21 10:27:30 UTC (rev 12652)
@@ -241,19 +241,19 @@
 CVE-2008-7001 (Unrestricted file upload vulnerability in the file manager in Creative ...)
 	NOT-FOR-US: Creative Mind Creator CMS
 CVE-2008-7000 (PHP remote file inclusion vulnerability in index.php in PHPAuction 3.2 ...)
-	TODO: check
+	NOT-FOR-US: phpAuction
 CVE-2008-6999 (phpAuction 3.2, and possibly 3.3.0 GPL Basic edition, allows remote ...)
 	NOT-FOR-US: phpAuction
 CVE-2008-6998 (Stack-based buffer overflow in chrome/common/gfx/url_elider.cc in ...)
-	TODO: check
+	- chromium-browser <itp> (bug #520324)
 CVE-2008-6997 (Google Chrome 0.2.149.27 allows user-assisted remote attackers to ...)
-	TODO: check
+	- chromium-browser <itp> (bug #520324)
 CVE-2008-6996 (Google Chrome BETA (0.2.149.27) does not prompt the user before saving ...)
-	TODO: check
+	- chromium-browser <itp> (bug #520324)
 CVE-2008-6995 (Integer underflow in net/base/escape.cc in chrome.dll in Google Chrome ...)
-	TODO: check
+	- chromium-browser <itp> (bug #520324)
 CVE-2008-6994 (Stack-based buffer overflow in the SaveAs feature ...)
-	TODO: check
+	- chromium-browser <itp> (bug #520324)
 CVE-2008-6993 (Siemens Gigaset WLAN Camera 1.27 has an insecure default password, ...)
 	NOT-FOR-US: Siemens Gigaset WLAN Camera
 CVE-2008-6992 (GreenSQL Firewall (greensql-fw), possibly before 0.9.2 or 0.9.4, ...)
@@ -2863,7 +2863,7 @@
 	- linux-2.6.24 <not-affected> (vulnerable code introduced in 2.6.29)
 	NOTE: http://seclists.org/fulldisclosure/2009/Jul/0241.html
 CVE-2009-1896 (The Java Web Start framework in IcedTea in OpenJDK before ...)
-	TODO: check
+	- openjdk-6 <unfixed> (bug #542210)
 CVE-2009-1895 (The personality subsystem in the Linux kernel before 2.6.31-rc3 has a ...)
 	{DSA-1845-1 DSA-1844-1}
 	- linux-2.6 2.6.30-3 (low)
@@ -2909,7 +2909,7 @@
 	- xerces-c2 <unfixed> (low; bug #541986)
 	- xerces27 <removed>
 CVE-2009-1884 (Off-by-one error in the bzinflate function in Bzip2.xs in the ...)
-	TODO: check
+	- libcompress-raw-bzip2-perl <unfixed> (medium; bug #542777)
 CVE-2009-1883
 	RESERVED
 CVE-2009-1882 (Integer overflow in the XMakeImage function in magick/xwindow.c in ...)

More information about the Secure-testing-commits mailing list