[Secure-testing-commits] r11853 - in data: . CVE
Nico Golde
nion at alioth.debian.org
Sat May 9 17:35:01 UTC 2009
Author: nion
Date: 2009-05-09 17:35:01 +0000 (Sat, 09 May 2009)
New Revision: 11853
Modified:
data/CVE/list
data/spu-candidates.txt
Log:
CVE-2009-0757 doesnt affect etch/lenny
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-05-09 17:01:57 UTC (rev 11852)
+++ data/CVE/list 2009-05-09 17:35:01 UTC (rev 11853)
@@ -2895,8 +2895,8 @@
NOTE: reflector is off by default
CVE-2009-0757 (Multiple buffer overflows in GNU MPFR 2.4.0 allow context-dependent ...)
- mpfr 2.4.0-5 (low; bug #527475)
- [lenny] - mpfr <no-dsa> (Minor issue)
- [etch] - mpfr <no-dsa> (Minor issue)
+ [lenny] - mpfr <not-affected> (Vulnerable code not yet present)
+ [etch] - mpfr <not-affected> (Vulnerable code not yet present)
CVE-2009-0756 (The JBIG2Stream::readSymbolDictSeg function in Poppler before 0.10.4 ...)
- poppler <unfixed> (low; bug #518478)
[lenny] - poppler <no-dsa> (Application crash only, could be fixed with further issues)
Modified: data/spu-candidates.txt
===================================================================
--- data/spu-candidates.txt 2009-05-09 17:01:57 UTC (rev 11852)
+++ data/spu-candidates.txt 2009-05-09 17:35:01 UTC (rev 11853)
@@ -37,11 +37,6 @@
--
-mpfr (CVE-2009-0757)
-notified maintainer
-
---
-
mpg123 (CVE-2009-1301)
notified maintainer
More information about the Secure-testing-commits
mailing list