[Secure-testing-commits] r11857 - in data: CVE DSA

[Florian Weimer]

Author: fw
Date: 2009-05-09 19:22:03 +0000 (Sat, 09 May 2009)
New Revision: 11857

Modified:
   data/CVE/list
   data/DSA/list
Log:
more cleanups


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-05-09 19:16:26 UTC (rev 11856)
+++ data/CVE/list	2009-05-09 19:22:03 UTC (rev 11857)
@@ -18403,7 +18403,6 @@
 CVE-2008-0657 (Multiple unspecified vulnerabilities in the Java Runtime Environment ...)
 	- sun-java6 6-02-1
 	- sun-java5 1.5.0-14-1
-	[etch] - sun-java5 <no-dsa> (Non-free not supported)
 	[etch] - sun-java5 1.5.0-14-1etch1
 CVE-2008-0656 (Unrestricted file upload vulnerability in dmclTrace.jsp in EMC ...)
 	NOT-FOR-US: Documentum Administrator and Webtop
@@ -19320,7 +19319,6 @@
 CVE-2007-6688 (Unspecified vulnerability in the Installation application in Menalto ...)
 	- gallery <not-affected> (Vulnerable code not present)
 	- gallery2 2.2.4-1 (bug #457644)
-	- gallery <not-affected> (Vulnerable code not present)
 CVE-2007-6687 (Multiple cross-site scripting (XSS) vulnerabilities in Menalto Gallery ...)
 	- gallery2 2.2.4-1 (bug #457644)
 	- gallery <not-affected> (Vulnerable code not present)
@@ -30441,12 +30439,10 @@
 CVE-2007-2789 (The BMP image parser in Sun Java Development Kit (JDK) before ...)
 	- sun-java5 1.5.0-11-1 (medium)
 	[etch] - sun-java5 1.5.0-14-1etch1
-	[etch] - sun-java5 <no-dsa> (Non-free not supported)
 	- sun-java6 6-01-1 (bug #422403)
 CVE-2007-2788 (Integer overflow in the embedded ICC profile image parser in Sun Java ...)
 	- sun-java5 1.5.0-11-1 (medium)
 	[etch] - sun-java5 1.5.0-14-1etch1
-	[etch] - sun-java5 <no-dsa> (Non-free not supported)
 	- sun-java6 6-01-1 (bug #422403)
 CVE-2007-2787 (Stack-based buffer overflow in the BrowseDir function in the (1) ...)
 	NOT-FOR-US: LeadTools Raster Thumbnail Object Library
@@ -40284,7 +40280,6 @@
 	- iceweasel 2.0+dfsg-1 (high)
 	- icedove 1.5.0.8-1 (medium)
 	- mozilla <unfixed> (medium)
-	[sarge] - mozilla <not-affected> (Vulnerable code not present)
 	- xulrunner 1.5.0.8-1 (high)
 	- mozilla-firefox <removed>
 	- mozilla-thunderbird <removed>
@@ -42245,7 +42240,6 @@
 	NOT-FOR-US: IBM Lotus Domino
 CVE-2006-4842 (The Netscape Portable Runtime (NSPR) API 4.6.1 and 4.6.2, as used in ...)
 	- xulrunner 1.8.0.9-1 (low; bug #405062)
-	[sarge] - mozilla <unfixed> (low)
 	[sarge] - mozilla <no-dsa> (Minor issue)
 	NOTE: could not find setuid binary in sid, but evolution-data-server has a setgid mail binary
 	NOTE: see https://bugzilla.mozilla.org/show_bug.cgi?id=351470
@@ -67351,10 +67345,7 @@
 	NOT-FOR-US: CubeCert
 CVE-2005-0605 (scan.c for LibXPM may allow attackers to execute arbitrary code via a ...)
 	{DSA-723-1}
-	NOTE: lesstif2
-	- lesstif1-1 1:0.93.94-11.1 (bug #298183; bug #299236)
-	NOTE: lesstif1
-	- lesstif1-1 1:0.93.94-11.3 (bug #300421)
+	- lesstif2 1:0.93.94-11.1 (bug #298183; bug #299236)
 	NOTE: libxmp4 is the real culprit
 	- xfree86 4.3.0.dfsg.1-13
 	- xorg-x11 <not-affected> (Fixed before upload into archive)
@@ -74704,7 +74695,6 @@
 CVE-2003-0204 (KDE 2 and KDE 3.1.1 and earlier 3.x versions allows attackers to ...)
 	{DSA-296 DSA-293 DSA-284}
 	- kdebase 4:3.1.0-1
-	- kdebase 4:3.1.0-1
 	- kdegraphics 4:3.1.0-1
 CVE-2003-0203 (Buffer overflow in moxftp 2.2 and earlier allows remote malicious FTP ...)
 	{DSA-281}

Modified: data/DSA/list
===================================================================
--- data/DSA/list	2009-05-09 19:16:26 UTC (rev 11856)
+++ data/DSA/list	2009-05-09 19:22:03 UTC (rev 11857)
@@ -5293,7 +5293,6 @@
 	[woody] - kernel-source-2.4.18 2.4.18-13
 	[woody] - kernel-image-2.4.18-1-i386 2.4.18-11
 	[woody] - kernel-image-2.4.18-i386bf 2.4.18-5woody4
-	[woody] - kernel-source-2.4.18 2.4.18-13
 	[woody] - kernel-image-2.4.18-1-alpha 2.4.18-10.
 [31 Jul 2003] DSA-357 wu-ftpd - remote root exploit
 	{CVE-2003-0466}