[Secure-testing-commits] r12336 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Mon Jul 13 21:14:39 UTC 2009
Author: joeyh
Date: 2009-07-13 21:14:36 +0000 (Mon, 13 Jul 2009)
New Revision: 12336
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-07-13 20:24:46 UTC (rev 12335)
+++ data/CVE/list 2009-07-13 21:14:36 UTC (rev 12336)
@@ -307,6 +307,7 @@
CVE-2009-2296 (The NFSv4 server kernel module in Sun Solaris 10, and OpenSolaris ...)
NOT-FOR-US: kernel module in Sun Solaris
CVE-2009-2295 (Multiple integer overflows in CamlImages 2.2 and earlier might allow ...)
+ {DSA-1832-1}
- camlimages 1:3.0.1-2 (medium; bug #535909)
CVE-2009-2294 (Integer overflow in the Png_datainfo_callback function in Dillo 2.1 ...)
- dillo 2.2.1 (medium; bug #535788)
@@ -1134,10 +1135,10 @@
[lenny] - w3m <no-dsa> (Minor issue)
[etch] - w3m <no-dsa> (Minor issue)
- chromium-browser <itp> (low; bug #520324)
- - lynx 2.8.7rel.1-1 (low; bug #532520)
+ - lynx 2.8.7rel.1-1 (low; bug #532520)
[lenny] - lynx <no-dsa> (Minor issue)
[etch] - lynx <no-dsa> (Minor issue)
- - dillo <unfixed> (low; bug #532522)
+ - dillo <unfixed> (low; bug #532522)
[lenny] - dillo <no-dsa> (Minor issue)
[etch] - dillo <no-dsa> (Minor issue)
NOTE: These issues can be fixed in more recent upstream versions, but the risk
@@ -4760,6 +4761,7 @@
NOTE: for locally modified configs and even for that I fail to
NOTE: see why anyone would run a kernel w/o CONFIG_SHMEM?
CVE-2009-0858 (The response_addname function in response.c in Daniel J. Bernstein ...)
+ {DSA-1831-1}
- djbdns 1:1.05-5 (low; bug #518169; bug #517631)
CVE-2009-0857 (Cross-site scripting (XSS) vulnerability in /prm/reports in the ...)
NOT-FOR-US: SunMC
More information about the Secure-testing-commits
mailing list