[Secure-testing-commits] r12087 - data/CVE
Nico Golde
nion at alioth.debian.org
Tue Jun 9 13:45:03 UTC 2009
Author: nion
Date: 2009-06-09 13:45:02 +0000 (Tue, 09 Jun 2009)
New Revision: 12087
Modified:
data/CVE/list
Log:
pgp4pine issue medium, unlike the description says it's not only an off-by-one but a classic stack-based buffer overflow as well
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-06-09 13:25:51 UTC (rev 12086)
+++ data/CVE/list 2009-06-09 13:45:02 UTC (rev 12087)
@@ -55,10 +55,11 @@
CVE-2008-6825 (Directory traversal vulnerability in user/index.php in Fonality ...)
NOT-FOR-US: trixbox
CVE-2009-XXXX [pgp4pine off-by-one]
- - pgp4pine <unfixed> (bug #457947; low)
+ - pgp4pine <unfixed> (bug #457947; medium)
[etch] - pgp4pine <no-dsa> (Contrib not supported)
[lenny] - pgp4pine <no-dsa> (Contrib not supported)
NOTE: http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0122.html
+ NOTE: unlike the note states this is not just an off-by-one, classic stack-based buffer overflow
CVE-2009-1932 (Multiple integer overflows in the (1) user_info_callback, (2) ...)
- gst-plugins-good0.10 0.10.15-2 (medium; bug #531631; bug #532352)
CVE-2009-1931
More information about the Secure-testing-commits
mailing list