[Secure-testing-commits] r11347 - in data: . CVE
jmm-guest at alioth.debian.org
jmm-guest at alioth.debian.org
Fri Mar 6 23:52:06 UTC 2009
Author: jmm-guest
Date: 2009-03-06 23:52:05 +0000 (Fri, 06 Mar 2009)
New Revision: 11347
Modified:
data/CVE/list
data/spu-candidates.txt
Log:
new mpfr issue already fixed in sid, no-dsa for released
suites
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-03-06 23:48:04 UTC (rev 11346)
+++ data/CVE/list 2009-03-06 23:52:05 UTC (rev 11347)
@@ -187,7 +187,9 @@
CVE-2009-0758 (The originates_from_local_legacy_unicast_socket function in ...)
- avahi <unfixed> (bug #517683)
CVE-2009-0757 (Multiple buffer overflows in GNU MPFR 2.4.0 allow context-dependent ...)
- TODO: check
+ - mpfr 2.4.0-5 (low)
+ [lenny] - mpfr <no-dsa> (Minor issue)
+ [etch] - mpfr <no-dsa> (Minor issue)
CVE-2009-0756 (The JBIG2Stream::readSymbolDictSeg function in Poppler before 0.10.4 ...)
- poppler <unfixed> (low; bug #518478)
[lenny] - poppler <no-dsa> (Application crash only, could be fixed with further issues)
Modified: data/spu-candidates.txt
===================================================================
--- data/spu-candidates.txt 2009-03-06 23:48:04 UTC (rev 11346)
+++ data/spu-candidates.txt 2009-03-06 23:52:05 UTC (rev 11347)
@@ -378,6 +378,10 @@
--
+mpfr (CVE-2009-0757)
+
+--
+
multi-gnome-terminal (CVE-2008-5143)
notified maintainer
More information about the Secure-testing-commits
mailing list