[Secure-testing-commits] r15090 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Sun Aug 1 09:30:17 UTC 2010
Author: joeyh
Date: 2010-08-01 09:30:15 +0000 (Sun, 01 Aug 2010)
New Revision: 15090
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-08-01 05:58:17 UTC (rev 15089)
+++ data/CVE/list 2010-08-01 09:30:15 UTC (rev 15090)
@@ -942,10 +942,10 @@
RESERVED
CVE-2010-2540
RESERVED
- {DSA-2078-1}
+ {DSA-2079-1}
CVE-2010-2539
RESERVED
- {DSA-2078-1}
+ {DSA-2079-1}
CVE-2010-2538 [btrfs issue]
RESERVED
- linux-2.6 <unfixed>
@@ -2607,6 +2607,7 @@
CVE-2010-1870
RESERVED
CVE-2010-1869 (Stack-based buffer overflow in the parser function in GhostScript 8.70 ...)
+ {DSA-2080-1}
- ghostscript 8.71~dfsg-4
NOTE: http://www.openwall.com/lists/oss-security/2010/05/11/3
CVE-2010-1868 (The (1) sqlite_single_query and (2) sqlite_array_query functions in ...)
@@ -8961,6 +8962,7 @@
CVE-2009-4271 (The Linux kernel 2.6.9 through 2.6.17 on the x86_64 and amd64 ...)
- linux-2.6 2.6.18-1
CVE-2009-4270 (Stack-based buffer overflow in the errprintf function in base/gsmisc.c ...)
+ {DSA-2080-1}
- ghostscript 8.70~dfsg-2.1 (medium; bug #562643)
CVE-2009-4269
RESERVED
@@ -18624,6 +18626,7 @@
NOTE: why are weaknesses in security hardening features like ASLR considered minor?
NOTE: even though this is not directly a vulnerability itself, part of this application's armor is now missing; making it easier for unknown vulnerabilities to be effective.
CVE-2008-6679 (Buffer overflow in the BaseFont writer module in Ghostscript 8.62, and ...)
+ {DSA-2080-1}
- ghostscript 8.64~dfsg-1 (medium; bug #524803)
- gs-gpl <removed> (medium; bug #561717)
CVE-2008-6678 (SQL injection vulnerability in asp/includes/contact.asp in QuickerSite ...)
@@ -18671,6 +18674,7 @@
CVE-2008-6657 (Cross-site request forgery (CSRF) vulnerability in index.php in Simple ...)
NOT-FOR-US: Simple Machines Forum
CVE-2007-6725 (The CCITTFax decoding filter in Ghostscript 8.60, 8.61, and possibly ...)
+ {DSA-2080-1}
- ghostscript 8.63.dfsg.1-1 (medium; bug #524803)
- gs-gpl <removed> (medium; bug #561717)
CVE-2008-6680 (libclamav/pe.c in ClamAV before 0.95 allows remote attackers to cause ...)
@@ -20430,7 +20434,7 @@
[lenny] - lcms <no-dsa> (Minor issue)
[etch] - lcms <no-dsa> (Minor issue)
CVE-2009-0792 (Multiple integer overflows in icc.c in the International Color ...)
- {DTSA-198-1}
+ {DSA-2080-1 DTSA-198-1}
- argyll 1.0.3-3 (medium; bug #523472; bug #524802)
- ghostscript 8.64~dfsg-1.1 (medium; bug #524915)
- gs-gpl <removed> (medium; bug #561717)
@@ -23004,7 +23008,7 @@
CVE-2009-0197 (Integer overflow in the FORMATS Plugin before 4.23 for IrfanView ...)
NOT-FOR-US: IrfanView
CVE-2009-0196 (Heap-based buffer overflow in the big2_decode_symbol_dict function ...)
- {DTSA-198-1}
+ {DSA-2080-1 DTSA-198-1}
- ghostscript 8.64~dfsg-1.1 (medium; bug #524803)
- gs-gpl <removed> (medium; bug #561717)
- jbig2dec <not-affected> (already fixed in initial upload)
@@ -29474,6 +29478,7 @@
CVE-2008-3523
RESERVED
CVE-2008-3522 (Buffer overflow in the jas_stream_printf function in ...)
+ {DSA-2080-1}
- jasper 1.900.1-5.1 (medium; bug #501021)
- ghostscript 8.64~dfsg-2 (medium; bug #559778)
- gs-gpl <removed> (medium; bug #561717)
More information about the Secure-testing-commits
mailing list