[Secure-testing-commits] r11834 - data/CVE

Michael Gilbert gilbert-guest at alioth.debian.org
Thu May 7 20:18:56 UTC 2009


Author: gilbert-guest
Date: 2009-05-07 20:18:56 +0000 (Thu, 07 May 2009)
New Revision: 11834

Modified:
   data/CVE/list
Log:
- potential prewikka issue
- pango issue unembargoed
- bug submitted to track mpfr spu/ospu work


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-05-07 19:25:00 UTC (rev 11833)
+++ data/CVE/list	2009-05-07 20:18:56 UTC (rev 11834)
@@ -1,3 +1,7 @@
+CVE-2009-XXXX [prewkikka: pasword world-readable]
+	- prewikka <unfixed> (low; bug #527476)
+	NOTE: asked maintainer to determine wether debian is affected
+	NOTE: FEDORA-2009-3761 (http://lwn.net/Articles/330642)
 CVE-2009-XXXX [prelude-manager: password world-readable]
 	- prelude-manager <unfixed> (low; bug #527344)
 	NOTE: asked maintainer to determine whether debian is affected by this one
@@ -1338,8 +1342,9 @@
 	RESERVED
 CVE-2009-1195
 	RESERVED
-CVE-2009-1194
+CVE-2009-1194 [pango1.0: integer overflow in heap allocation size calculations]
 	RESERVED
+	- pango1.0 1.24 (medium; bug #527474) 
 CVE-2009-1193
 	RESERVED
 CVE-2009-1192 (drivers/char/agp/generic.c in the agp subsystem in the Linux kernel ...)
@@ -2784,7 +2789,7 @@
 	[lenny] - avahi <no-dsa> (Minor issue)
 	NOTE: reflector is off by default
 CVE-2009-0757 (Multiple buffer overflows in GNU MPFR 2.4.0 allow context-dependent ...)
-	- mpfr 2.4.0-5 (low)
+	- mpfr 2.4.0-5 (low; bug #527475)
 	[lenny] - mpfr <no-dsa> (Minor issue)
 	[etch] - mpfr <no-dsa> (Minor issue)
 CVE-2009-0756 (The JBIG2Stream::readSymbolDictSeg function in Poppler before 0.10.4 ...)




More information about the Secure-testing-commits mailing list