[Secure-testing-commits] r10891 - data/CVE
fw at alioth.debian.org
fw at alioth.debian.org
Thu Jan 8 09:29:02 UTC 2009
Author: fw
Date: 2009-01-08 09:29:01 +0000 (Thu, 08 Jan 2009)
New Revision: 10891
Modified:
data/CVE/list
Log:
CVE-2008-5077: openssl
CVE-2009-0025: bind9
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-01-08 09:14:13 UTC (rev 10890)
+++ data/CVE/list 2009-01-08 09:29:01 UTC (rev 10891)
@@ -575,8 +575,11 @@
RESERVED
CVE-2009-0026
RESERVED
-CVE-2009-0025
+CVE-2009-0025 [OpenSSL signature verification API misuse: bind9 incarnation]
RESERVED
+ - bind9 <unfixed> (low)
+ NOTE: low severity because it is believed hard to trigger and only
+ NOTE: affects DNSSEC with DSA, which is supposedly rarely used.
CVE-2009-0024
RESERVED
CVE-2009-0023
@@ -1898,8 +1901,9 @@
NOTE: http://marc.info/?l=linux-netdev&m=122841256115780&w=2
CVE-2008-5078 (Multiple buffer overflows in the (1) recognize_eps_file function ...)
TODO: check
-CVE-2008-5077
+CVE-2008-5077 [OpenSSL signature verification misuse]
RESERVED
+ - openssl 0.9.8g-15
CVE-2008-5075 (Multiple SQL injection vulnerabilities in E-Uploader Pro 1.0 (aka ...)
NOT-FOR-US: E-Uploader Pro
CVE-2008-5074 (SQL injection vulnerability in index.php in the Freshlinks 1.0 RC1 ...)
More information about the Secure-testing-commits
mailing list