[Secure-testing-commits] r13515 - data/CVE
Raphael Geissert
geissert at alioth.debian.org
Sat Dec 12 03:52:41 UTC 2009
Author: geissert
Date: 2009-12-12 03:52:41 +0000 (Sat, 12 Dec 2009)
New Revision: 13515
Modified:
data/CVE/list
Log:
kde4libs fixed in unstable, adding more info
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-12-12 03:45:07 UTC (rev 13514)
+++ data/CVE/list 2009-12-12 03:52:41 UTC (rev 13515)
@@ -1134,13 +1134,14 @@
NOT-FOR-US: OpenDocMan
CVE-2009-XXXX [multiple missing input sanity checks in KDE]
- kdelibs <unfixed> (low)
- - kde4libs <unfixed> (low)
+ - kde4libs 4:4.3.4-1 (low)
[lenny] - kdelibs <no-dsa> (minor and unlikely to be exploited)
[etch] - kdelibs <no-dsa> (minor and unlikely to be exploited)
NOTE: http://www.ocert.org/advisories/ocert-2009-015.html
+ NOTE: http://www.portcullis-security.com/advisories
NOTE: advisory mentions kmail and ark (from kdepim and kdeutils, respectively)
NOTE: but the "fixes" linked from the advisory only change code in kdelibs
- NOTE: 4.3.3, which fixes the issue, is due to be released in a week
+ NOTE: more info at oss-sec threads
CVE-2009-3800
RESERVED
CVE-2009-3799
More information about the Secure-testing-commits
mailing list