[Secure-testing-commits] r11775 - in data: . CVE
Michael Gilbert
gilbert-guest at alioth.debian.org
Mon May 4 19:44:38 UTC 2009
Author: gilbert-guest
Date: 2009-05-04 19:44:38 +0000 (Mon, 04 May 2009)
New Revision: 11775
Modified:
data/CVE/list
data/ospu-candidates.txt
data/spu-candidates.txt
Log:
CVE-2008-2009 vulnerability already fixed; additional hardening features to be considered as an spu/ospu candidate
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-05-04 17:31:20 UTC (rev 11774)
+++ data/CVE/list 2009-05-04 19:44:38 UTC (rev 11775)
@@ -14821,6 +14821,10 @@
NOT-FOR-US: Windows
CVE-2008-2009 (Xiph.org libvorbis before 1.0 does not properly check for ...)
- libvorbis 1.2.0.dfsg-4 (bug #482039)
+ [etch] - libvorbis <no-dsa> (actual vulnerability fixed pre-1.0)
+ [lenny] - libvorbis <no-dsa> (actual vulnerability fixed pre-1.0)
+ NOTE: additional hardening features have already been added to the unstable
+ NOTE: packages that would be useful to have in stable, so proposing as spu/ospu
CVE-2008-2008 (Buffer overflow in the Display Names message feature in Cerulean ...)
NOT-FOR-US: Cerulean Studios Trillian Basic
CVE-2008-2007
Modified: data/ospu-candidates.txt
===================================================================
--- data/ospu-candidates.txt 2009-05-04 17:31:20 UTC (rev 11774)
+++ data/ospu-candidates.txt 2009-05-04 19:44:38 UTC (rev 11775)
@@ -310,6 +310,11 @@
--
+libvorbis (CVE-2008-2009)
+notified maintainer and release team
+
+--
+
liferea (CVE-2005-4791)
notified maintainer
Modified: data/spu-candidates.txt
===================================================================
--- data/spu-candidates.txt 2009-05-04 17:31:20 UTC (rev 11774)
+++ data/spu-candidates.txt 2009-05-04 19:44:38 UTC (rev 11775)
@@ -32,6 +32,11 @@
--
+libvorbis (CVE-2008-2009)
+notified maintainer and release team
+
+--
+
mpfr (CVE-2009-0757)
notified maintainer
More information about the Secure-testing-commits
mailing list