[Secure-testing-commits] r11858 - data/CVE

Florian Weimer fw at alioth.debian.org
Sat May 9 19:27:02 UTC 2009 

Author: fw
Date: 2009-05-09 19:27:01 +0000 (Sat, 09 May 2009)
New Revision: 11858

Modified:
   data/CVE/list
Log:
more cleanups


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-05-09 19:22:03 UTC (rev 11857)
+++ data/CVE/list	2009-05-09 19:27:01 UTC (rev 11858)
@@ -20355,7 +20355,6 @@
 	[etch] - venkman <not-affected> (Vulnerable code not present)
 CVE-2007-XXXX [unace unspecified security issue related to uninitialized variable]
 	- unace-nonfree 2.5-3
-	[etch] - unace-nonfree <no-dsa> (non-free not supported)
 	[etch] - unace-nonfree 2.5-1etch1
 CVE-2007-6507 (SpntSvc.exe daemon in Trend Micro ServerProtect 5.58 for Windows, ...)
 	NOT-FOR-US: Trend Micro ServerProtect
@@ -26646,9 +26645,7 @@
 	[etch] - pdftohtml 0.36-13etch1
 	- tetex-bin 3.0-12
 	NOTE: pdftex links to poppler since 3.0-12, thus marking as fixed
-	- cups <not-affected> (we use xpdf-utils in sarge and poppler-utils since etch to not embedd this code)
-	- cupsys <not-affected> (we use xpdf-utils in sarge and poppler-utils since etch to not embedd this code)
-	NOTE: cups uses xpdf-utils and poppler-utils
+	NOTE: cups uses xpdf-utils and poppler-utils since version 1.1.22-7
 	- libextractor 0.5.12-1
 	NOTE: libextractor uses internal pdf decoder since 0.5.12-1, thus marking as fixed
 	- swftools <unfixed> (medium; bug #527449)
@@ -28190,7 +28187,6 @@
 CVE-2007-3698 (The Java Secure Socket Extension (JSSE) in Sun JDK and JRE 6 Update 1 ...)
 	- sun-java5 1.5.0-12-1
 	- sun-java6 6-02-1
-	[etch] - sun-java5 <no-dsa> (non-free not supported)
 	[etch] - sun-java5 1.5.0-14-1etch1
 CVE-2007-3697 (PHP remote file inclusion vulnerability in phpbb/sendmsg.php in ...)
 	NOT-FOR-US: FlashBB
@@ -31268,7 +31264,6 @@
 CVE-2007-2435 (Sun Java Web Start in JDK and JRE 5.0 Update 10 and earlier, and Java ...)
 	- sun-java5 1.5.0-11-1 (medium; bug #423062)
 	[etch] - sun-java5 1.5.0-14-1etch1
-	[etch] - sun-java5 <no-dsa> (Non-free not supported)
 CVE-2007-2434 (Buffer overflow in asnsp.dll in Aventail Connect 4.1.2.13 allows ...)
 	NOT-FOR-US: Aventail Connect
 CVE-2007-2433 (Cross-site scripting (XSS) vulnerability in index.php in Ariadne 2.4.1 ...)
@@ -33899,7 +33894,6 @@
 	- apache <removed> (low)
 	- libapache2-mod-perl2 2.0.2-5 (low; bug #433549)
 	[etch] - libapache2-mod-perl2 <no-dsa> (Minor issue)
-	[etch] - apache <no-dsa> (scheduled for stable point release)
 	[etch] - apache 1.3.34-4.1+etch1
 CVE-2007-1348
 	RESERVED

More information about the Secure-testing-commits mailing list