[Secure-testing-commits] r11794 - data/CVE
Nico Golde
nion at alioth.debian.org
Tue May 5 14:42:28 UTC 2009
Author: nion
Date: 2009-05-05 14:42:28 +0000 (Tue, 05 May 2009)
New Revision: 11794
Modified:
data/CVE/list
Log:
- new kfreebsd-7 issue doesn't affect us
- CVE-2009-14[15-17] fixed ingnutls26 2.6.6-1, -15 and -16 don't affect etch/lenny
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-05-05 14:28:10 UTC (rev 11793)
+++ data/CVE/list 2009-05-05 14:42:28 UTC (rev 11794)
@@ -242,7 +242,7 @@
CVE-2009-1437 (Stack-based buffer overflow in PortableApps CoolPlayer Portable (aka ...)
NOT-FOR-US: CoolPlayer
CVE-2009-1436 (The db interface in libc in FreeBSD 6.3, 6.4, 7.0, 7.1, and ...)
- TODO: check
+ - kfreebsd-7 <not-affected> (kfreebsd uses a different libc version)
CVE-2009-1435 (NTRtScan.exe in Trend Micro OfficeScan Client 8.0 SP1 and 8.0 SP1 ...)
NOT-FOR-US: Trend Micro OfficeScan
CVE-2009-1434 (Cross-site request forgery (CSRF) vulnerability in Foswiki before ...)
@@ -288,11 +288,15 @@
CVE-2009-1418
RESERVED
CVE-2009-1417 (gnutls-cli in GnuTLS before 2.6.6 does not verify the activation and ...)
- TODO: check
+ - gnutls26 2.6.6-1 (medium)
CVE-2009-1416 (lib/gnutls_pk.c in libgnutls in GnuTLS 2.5.0 through 2.6.5 generates ...)
- TODO: check
+ - gnutls26 2.6.6-1 (medium)
+ [lenny] - gnutls26 <not-affected> (Vulnerable code not present)
+ [etch] - gnutls26 <not-affected> (Vulnerable code not present)
CVE-2009-1415 (lib/pk-libgcrypt.c in libgnutls in GnuTLS before 2.6.6 does not ...)
- TODO: check
+ - gnutls26 2.6.6-1 (medium)
+ [lenny] - gnutls26 <not-affected> (Vulnerable code not present)
+ [etch] - gnutls26 <not-affected> (Vulnerable code not present)
CVE-2009-1414 (Google Chrome 2.0.x lets modifications to the global object persist ...)
- chromium-browser <itp> (bug #520324)
CVE-2009-1413 (Google Chrome 1.0.x does not cancel timeouts upon a page transition, ...)
More information about the Secure-testing-commits
mailing list