[Secure-testing-commits] r11151 - data/CVE

white at alioth.debian.org white at alioth.debian.org
Thu Feb 5 17:43:20 UTC 2009 

Author: white
Date: 2009-02-05 17:43:19 +0000 (Thu, 05 Feb 2009)
New Revision: 11151

Modified:
   data/CVE/list
Log:
Fix gst-plugins entries so they reflect the real situation between good and bad plugins

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-02-05 12:01:36 UTC (rev 11150)
+++ data/CVE/list	2009-02-05 17:43:19 UTC (rev 11151)
@@ -37,9 +37,14 @@
 	NOT-FOR-US: SocialEngine
 CVE-2009-0399 (Chipmunk Blogger Script allows remote attackers to gain administrator ...)
 	NOT-FOR-US: Chipmunk Blogger Script
+CVE-2009-0398 (Array index error in the gst_qtp_trak_handler function in ...)
+	- gst-plugins-good0.10 <not-affected> (Vulnerable code not present)
+	- gst-plugins-bad0.10 <not-affected> (Vulnerable code not present)
 CVE-2009-0397 (Heap-based buffer overflow in the qtdemux_parse_samples function in ...)
 	- gst-plugins-good0.10 0.10.8-4.1 (bug #514177)
 	[lenny] - gst-plugins-good0.10 0.10.8-4.1~lenny1
+	[etch] - gst-plugins-good0.10 <not-affected> (plugin in other package)
+	- gst-plugins-bad0.10 0.10.4-1
 CVE-2009-0396 (The Sony Ericsson W910i, W660i, K618i, K610i, Z610i, K810i, K660i, ...)
 	NOT-FOR-US: Sony Ericsson
 CVE-2009-0395 (SQL injection vulnerability in the login feature in NetArt Media Car ...)
@@ -61,9 +66,13 @@
 CVE-2009-0387 (Array index error in the qtdemux_parse_samples function in ...)
 	- gst-plugins-good0.10 0.10.8-4.1 (bug #514177)
 	[lenny] - gst-plugins-good0.10 0.10.8-4.1~lenny1
+	[etch] - gst-plugins-good0.10 <not-affected> (plugin in other package)
+	- gst-plugins-bad0.10 0.10.4-1
 CVE-2009-0386 (Heap-based buffer overflow in the qtdemux_parse_samples function in ...)
 	- gst-plugins-good0.10 0.10.8-4.1 (bug #514177)
 	[lenny] - gst-plugins-good0.10 0.10.8-4.1~lenny1
+	[etch] - gst-plugins-good0.10 <not-affected> (plugin in other package)
+	- gst-plugins-bad0.10 0.10.4-1
 CVE-2009-0384 (SQL injection vulnerability in autor.php in OwnRS CMS 1.2 allows ...)
 	NOT-FOR-US: OwnRS CMS
 CVE-2009-0383 (delete.php in Max.Blog 1.0.6 does not properly restrict access, which ...)

More information about the Secure-testing-commits mailing list