[Secure-testing-commits] r13659 - data/CVE

Moritz Muehlenhoff jmm-guest at alioth.debian.org
Sat Dec 26 18:29:12 UTC 2009 

Author: jmm-guest
Date: 2009-12-26 18:29:12 +0000 (Sat, 26 Dec 2009)
New Revision: 13659

Modified:
   data/CVE/list
Log:
- wireshark CVEfied
- one xfig issue unimportant


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-12-26 18:24:10 UTC (rev 13658)
+++ data/CVE/list	2009-12-26 18:29:12 UTC (rev 13659)
@@ -153,11 +153,15 @@
 CVE-2010-0066
 	RESERVED
 CVE-2009-4378 (The IPMI dissector in Wireshark 1.2.0 through 1.2.4, when running on ...)
-	- wireshark 1.2.5-1
+	- wireshark <not-affected> (Windows-specific)
 CVE-2009-4377 (The (1) SMB and (2) SMB2 dissectors in Wireshark 0.9.0 through 1.2.4 ...)
 	- wireshark 1.2.5-1
+	[lenny] - wireshark <no-dsa> (Minor issue)
+	[etch] - wireshark <no-dsa> (Minor issue)
 CVE-2009-4376 (Buffer overflow in the daintree_sna_read function in the Daintree SNA ...)
 	- wireshark 1.2.5-1
+	[lenny] - wireshark <not-affected> (Only affects Wireshark 1.2.x)
+	[etch] - wireshark <not-affected> (Only affects Wireshark 1.2.x)
 CVE-2009-4375 (SQL injection vulnerability in repository/repository_attachment.php in ...)
 	NOT-FOR-US: AlienVault Open Source Security Information Management
 CVE-2009-4374 (Directory traversal vulnerability in ...)
@@ -267,18 +271,8 @@
 CVE-2009-XXXX [libapache2-mod-php5: potential disclosure of private php files]
 	- php5 5.2.11.dfsg.1-2 (low; bug #562006)
 	NOTE: not sure if it should be treated as an issue, probably not
-CVE-2009-XXXX [Wireshark: Daintree SNA buffer overflow]
-	- wireshark 1.2.5-1
-	[lenny] - wireshark <not-affected> (Only affects Wireshark 1.2.x)
-	[etch] - wireshark <not-affected> (Only affects Wireshark 1.2.x)
 CVE-2009-XXXX [libhaml-ruby XSS issue]
 	- libhaml-ruby 2.2.8-1
-CVE-2009-XXXX [Wireshark: SMB and SMB2 dissectors could crash]
-	- wireshark 1.2.5-1 (low)
-	[lenny] - wireshark <no-dsa> (Minor issue)
-	[etch] - wireshark <no-dsa> (Minor issue)
-CVE-2009-XXXX [Wireshark: IPMI dissector could crash on Windows]
-	- wireshark <not-affected> (Windows-specific)
 CVE-2009-XXXX [roundup: unspecified issue]
 	- roundup 1.4.11-1
 CVE-2009-XXXX [phpldapadmin local file inclusion vuln]
@@ -689,10 +683,7 @@
 CVE-2009-4225 (Stack-based buffer overflow in the PestPatrol ActiveX control ...)
 	NOT-FOR-US: PestPatrol
 CVE-2009-4228 (Stack consumption vulnerability in u_bound.c in Xfig 3.2.5b and ...)
-	- xfig <unfixed>
-	[lenny] - xfig <no-dsa> (Minor issue)
-	[etch] - xfig <no-dsa> (Minor issue)
-	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=543905
+	- xfig <unfixed> (unimportant)
 CVE-2009-4227 (Stack-based buffer overflow in the read_1_3_textobject function in ...)
 	- xfig 1:3.2.5.b-1 (low; bug #559274)
 	[lenny] - xfig <no-dsa> (Minor issue)

More information about the Secure-testing-commits mailing list