[Secure-testing-commits] r11786 - data/CVE

Thijs Kinkhorst thijs at alioth.debian.org
Mon May 4 21:30:49 UTC 2009


Author: thijs
Date: 2009-05-04 21:30:49 +0000 (Mon, 04 May 2009)
New Revision: 11786

Modified:
   data/CVE/list
Log:
new file issue affects squeeze/sid only, maintainer is aware


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-05-04 21:14:20 UTC (rev 11785)
+++ data/CVE/list	2009-05-04 21:30:49 UTC (rev 11786)
@@ -1,3 +1,8 @@
+CVE-2009-1515 [file 5.xx buffer overflow in the cdf_read_sat function]
+	- file <unfixed>
+	[lenny] - file <not-affected> (Vulnerable code not present)
+	[etch] - file <not-affected> (Vulnerable code not present)
+	NOTE: code introduced in 5.xx series
 CVE-2009-1512 (Static code injection vulnerability in X-Forum 0.6.2 allows remote ...)
 	TODO: check
 CVE-2009-1511 (GDI+ in Microsoft Windows XP SP3 allows remote attackers to cause a ...)




More information about the Secure-testing-commits mailing list