[Secure-testing-commits] r13107 - data/CVE
Raphael Geissert
geissert at alioth.debian.org
Tue Oct 27 23:04:30 UTC 2009
Author: geissert
Date: 2009-10-27 23:04:29 +0000 (Tue, 27 Oct 2009)
New Revision: 13107
Modified:
data/CVE/list
Log:
new kde issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-10-27 21:14:20 UTC (rev 13106)
+++ data/CVE/list 2009-10-27 23:04:29 UTC (rev 13107)
@@ -1,3 +1,11 @@
+CVE-2009-XXXX [multiple missing input sanity checks in KDE]
+ - kdelibs <unfixed> (low)
+ [lenny] - kdelibs <no-dsa> (minor and unlikely to be exploited)
+ [etch] - kdelibs <no-dsa> (minor and unlikely to be exploited)
+ NOTE: http://www.ocert.org/advisories/ocert-2009-015.html
+ NOTE: advisory mentions kmail and ark (from kdepim and kdeutils, respectively)
+ NOTE: but the "fixes" linked from the advisory only change code in kdelibs
+ NOTE: 4.3.3, which fixes the issue, is due to be released in a week
CVE-2009-3800
RESERVED
CVE-2009-3799
More information about the Secure-testing-commits
mailing list