[Secure-testing-commits] r11357 - data/CVE

gilbert-guest at alioth.debian.org gilbert-guest at alioth.debian.org
Sat Mar 7 22:27:53 UTC 2009 

Author: gilbert-guest
Date: 2009-03-07 22:27:52 +0000 (Sat, 07 Mar 2009)
New Revision: 11357

Modified:
   data/CVE/list
Log:
fixing "squeeze-is-born" issues.  see debian-security-tracker mailing list.


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-03-07 21:55:06 UTC (rev 11356)
+++ data/CVE/list	2009-03-07 22:27:52 UTC (rev 11357)
@@ -2080,6 +2080,7 @@
 CVE-2009-0316 (Untrusted search path vulnerability in src/if_python.c in the Python ...)
 	- vim 2:7.2.025-2 (low; bug #493937)
 	[lenny] - vim 1:7.1.314-3+lenny2
+        [squeeze] - vim 1:7.1.314-3+lenny2
 	[etch] - vim <no-dsa> (Minor issue)
 	NOTE: Not included in this round, could be fixed via next DSA with other issues
 CVE-2009-0315 (Untrusted search path vulnerability in the Python module in xchat ...)
@@ -4575,20 +4576,25 @@
 CVE-2008-5243 (The real_parse_headers function in demux_real.c in xine-lib 1.1.12, ...)
 	- xine-lib 1.1.16-1 (unimportant; bug #508716)
 	[lenny] - xine-lib 1.1.14-4
+        [squeeze] - xine-lib 1.1.14-4
 	NOTE: these are just invalid reads that result in segfaults, denial of service doesnt
 	NOTE: apply here as xine reading a file is no service -> application bug
 CVE-2008-5242 (demux_qt.c in xine-lib 1.1.12, and other 1.1.15 and earlier versions, ...)
 	- xine-lib 1.1.16-1 (medium; bug #507165; bug #498243)
 	[lenny] - xine-lib 1.1.14-4
+        [squeeze] - xine-lib 1.1.14-4
 CVE-2008-5241 (Integer underflow in demux_qt.c in xine-lib 1.1.12, and other 1.1.15 ...)
 	- xine-lib 1.1.16-1 (low; bug #509008)
 	[lenny] - xine-lib 1.1.14-4
+        [squeeze] - xine-lib 1.1.14-4
 CVE-2008-5240 (xine-lib 1.1.12, and other 1.1.15 and earlier versions, relies on an ...)
 	- xine-lib 1.1.16-2 (low; bug #509352)
 	[lenny] - xine-lib 1.1.14-5
+        [squeeze] - xine-lib 1.1.14-5
 CVE-2008-5239 (xine-lib 1.1.12, and other 1.1.15 and earlier versions, does not ...)
 	- xine-lib 1.1.16-2 (medium; bug #509353)
 	[lenny] - xine-lib 1.1.14-5
+        [squeeze] - xine-lib 1.1.14-5
 CVE-2008-5238 (Integer overflow in the real_parse_mdpr function in demux_real.c in ...)
 	- xine-lib 1.1.14-3 (low)
 	NOTE: code execution shouldn't work here as if 0xff will be extended to 0xffffffff
@@ -4597,14 +4603,17 @@
 CVE-2008-5237 (Multiple integer overflows in xine-lib 1.1.12, and other 1.1.15 and ...)
 	- xine-lib 1.1.16-1 (bug #509265; low)
 	[lenny] - xine-lib 1.1.14-4
+        [squeeze] - xine-lib 1.1.14-4
 CVE-2008-5236 (Multiple heap-based buffer overflows in xine-lib 1.1.12, and other ...)
 	- xine-lib 1.1.16-1 (bug #509521)
 	[lenny] - xine-lib 1.1.14-4
+        [squeeze] - xine-lib 1.1.14-4
 CVE-2008-5235 (Heap-based buffer overflow in the demux_real_send_chunk function in ...)
 	- xine-lib 1.1.14-3
 CVE-2008-5234 (Multiple heap-based buffer overflows in xine-lib 1.1.12, and other ...)
 	- xine-lib 1.1.16-1 (medium; bug #508313; bug #498243)
 	[lenny] - xine-lib 1.1.14-4
+        [squeeze] - xine-lib 1.1.14-4
 CVE-2008-5233 (xine-lib 1.1.12, and other versions before 1.1.15, does not check for ...)
 	- xine-lib 1.1.14-3 (low)
 CVE-2008-5232 (Buffer overflow in the CallHTMLHelp method in the Microsoft Windows ...)
@@ -7259,6 +7268,7 @@
 	{DSA-1662-1}
 	- mysql-dfsg-5.0 5.0.67-1
 	[lenny] - mysql-dfsg-5.0 5.0.51a-18
+        [squeeze] - mysql-dfsg-5.0 5.0.51a-18
 CVE-2008-4097 (MySQL 5.0.51a allows local users to bypass certain privilege checks by ...)
 	{DSA-1608-1}
 	- mysql-dfsg-5.0 5.0.51a-10

More information about the Secure-testing-commits mailing list