[Secure-testing-commits] r12331 - data/CVE
Michael Gilbert
gilbert-guest at alioth.debian.org
Mon Jul 13 15:45:26 UTC 2009
Author: gilbert-guest
Date: 2009-07-13 15:45:24 +0000 (Mon, 13 Jul 2009)
New Revision: 12331
Modified:
data/CVE/list
Log:
debian cups packages not affected by CVE-2009-0791
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-07-13 12:20:56 UTC (rev 12330)
+++ data/CVE/list 2009-07-13 15:45:24 UTC (rev 12331)
@@ -212,10 +212,8 @@
- fckeditor 1:2.6.4.1-1 (low; bug #536051)
- moin 1.8.2-2
NOTE: moin from 1.8.2-2 uses systemwide copy of fckeditor
- [lenny] - moin <unfixed> (unimportant)
- NOTE: moin in lenny provides FCKeditor as example files (/usr/share/doc)
- [etch] - moin <not-affected> (Vulnerable code not present)
- NOTE: moin in etch doesn't provide FCKeditor sample files
+ [lenny] - moin <no-dsa> (unimportant; provides FCKeditor as example files in /usr/share/doc, but not executable in general case)
+ [etch] - moin <not-affected> (doesn't provide FCKeditor sample files)
TODO: check knowledgeroot, karrigell, gforge, egroupware, request-tracker3.8
CVE-2009-2323 (The web interface on the Axesstel MV 410R redirects users back to the ...)
NOT-FOR-US: Axesstel MV 410R
@@ -5048,7 +5046,8 @@
CVE-2009-0791 (Multiple integer overflows in the pdftops filter in CUPS 1.1.17, ...)
- cupsys <removed> (medium; bug #535488)
- cups 1.3.10-1 (medium; bug #535489)
- NOTE: vulnerabe code not present anymore in 1.3.10
+ [etch] - cupsys <not-affected> (pdftops source included, but not built)
+ [lenny] - cups <not-affected> (pdftops source included, but not built)
CVE-2009-0790 (The pluto IKE daemon in Openswan and Strongswan IPsec 2.6 before ...)
{DSA-1760-1 DSA-1759-1}
- openswan 1:2.6.21+dfsg-1 (medium; bug #521949)
More information about the Secure-testing-commits
mailing list