[Secure-testing-commits] r11814 - data/CVE
Giuseppe Iuculano
derevko-guest at alioth.debian.org
Wed May 6 13:55:50 UTC 2009
Author: derevko-guest
Date: 2009-05-06 13:55:50 +0000 (Wed, 06 May 2009)
New Revision: 11814
Modified:
data/CVE/list
Log:
etch version of libmodplug not affected by libmodplug buffer overflow in PAT sampler
gst-plugins-bad0.10 in testing and unstable builds against an external libmodplug.
gst-plugins-bad0.10 in stable and oldstable: Vulnerable code not present
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-05-06 13:07:25 UTC (rev 11813)
+++ data/CVE/list 2009-05-06 13:55:50 UTC (rev 11814)
@@ -36,8 +36,10 @@
NOTE: CVE id requested
CVE-2009-XXXX [libmodplug buffer overflow in PAT sampler]
- libmodplug <unfixed> (medium; bug #526084)
- - gst-plugins-bad0.10 <unfixed> (medium; bug #527077)
+ - gst-plugins-bad0.10 <not-affected> (Vulnerable code not present; bug #527077)
+ [etch] - libmodplug <not-affected> (Vulnerable code not present)
NOTE: CVE id requested on oss-sec
+ NOTE: gst-plugins-bad0.10 in testing and unstable builds against an external libmodplug.
CVE-2009-XXXX [clamav milter init script "typo"]
- clamav <not-affected> (Vulnerable code not present)
NOTE: from what I see this code was never uploaded to the debian archive
More information about the Secure-testing-commits
mailing list