[Secure-testing-commits] r11282 - data/CVE
white at alioth.debian.org
white at alioth.debian.org
Sat Feb 28 03:39:34 UTC 2009
Author: white
Date: 2009-02-28 03:39:32 +0000 (Sat, 28 Feb 2009)
New Revision: 11282
Modified:
data/CVE/list
Log:
libvorbis and dovecot fixed
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-02-27 21:14:16 UTC (rev 11281)
+++ data/CVE/list 2009-02-28 03:39:32 UTC (rev 11282)
@@ -5642,7 +5642,7 @@
[lenny] - redhat-cluster 2.20080801-4+lenny1
[etch] - redhat-cluster <no-dsa> (Minor issue)
CVE-2008-4578 (The ACL plugin in Dovecot before 1.1.4 allows attackers to bypass ...)
- - dovecot <unfixed> (low; bug #502967)
+ - dovecot 1:1.1.9-1 (low; bug #502967)
[etch] - dovecot <no-dsa> (Minor issue)
[lenny] - dovecot <no-dsa> (Minor issue)
CVE-2008-4577 (The ACL plugin in Dovecot before 1.1.4 treats negative access rights ...)
@@ -11809,9 +11809,7 @@
CVE-2008-2010 (Unspecified vulnerability in Apple QuickTime Player on Windows XP SP2 ...)
NOT-FOR-US: Windows
CVE-2008-2009 (Xiph.org libvorbis before 1.0 does not properly check for ...)
- NOTE: #482039 has information to inform maintainer about new upstream code and problem
- NOTE: however, it is not clear that the version is vulnerable
- TODO: check vulnerability of debian packages and value of upstream patch
+ - libvorbis 1.2.0.dfsg-4 (bug #482039)
CVE-2008-2008 (Buffer overflow in the Display Names message feature in Cerulean ...)
NOT-FOR-US: Cerulean Studios Trillian Basic
CVE-2008-2007
More information about the Secure-testing-commits
mailing list