[Secure-testing-commits] r14124 - in data: . CVE

Moritz Muehlenhoff jmm-guest at alioth.debian.org
Thu Feb 18 20:52:05 UTC 2010 

Author: jmm-guest
Date: 2010-02-18 20:52:00 +0000 (Thu, 18 Feb 2010)
New Revision: 14124

Modified:
   data/CVE/list
   data/spu-candidates.txt
Log:
hamlib fixed
kde4libs no-dsa
gnome-screensaver fix in unstable, dupe of existing issue?


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-02-18 20:42:46 UTC (rev 14123)
+++ data/CVE/list	2010-02-18 20:52:00 UTC (rev 14124)
@@ -568,8 +568,10 @@
 	RESERVED
 CVE-2010-0423
 	RESERVED
-CVE-2010-0422
+CVE-2010-0422 [another gnome-screensaver issue?]
 	RESERVED
+	- gnome-screensaver 2.28.3-1
+        TODO: Dupe? Is this different from CVE-2010-0414? 
 CVE-2010-0421
 	RESERVED
 CVE-2010-0420
@@ -3936,7 +3938,7 @@
 	- guile-1.6 1.6.8-7 (low; bug #559813)
 	[etch] - guile-1.6 <no-dsa> (Minor issue)
 	[lenny] - guile-1.6 <no-dsa> (Minor issue)
-	- hamlib <unfixed> (low; bug #559814)
+	- hamlib 1.2.10-1 (low; bug #559814)
 	[lenny] - hamlib <no-dsa> (Minor issue)
 	[etch] - hamlib <no-dsa> (Minor issue)
 	- hercules 3.06-1.2 (low; bug #559815)
@@ -14259,8 +14261,8 @@
 	[etch] - nspr <end-of-life> (Mozilla packages from oldstable no longer covered by security support)
 	- kdelibs 4:3.5.10.dfsg.1-3 (medium; bug #559265)
 	- kde4libs 4:4.3.4-1 (medium; bug #559266)
+        [lenny] - kde4libs <no-dsa> (Only uses by a few packages in Lenny, hardly any attack vector)
 	TODO: Someone posted a long list of dtoa embedded to debian-devel some time ago
-	NOTE: http://securityreason.com/achievement_securityalert/74
 CVE-2009-0688 (Multiple buffer overflows in the CMU Cyrus SASL library before 2.1.23 ...)
 	{DSA-1807-1 DTSA-200-1 DTSA-201-1}
 	- cyrus-sasl2 2.1.23.dfsg1-1 (bug #528749)

Modified: data/spu-candidates.txt
===================================================================
--- data/spu-candidates.txt	2010-02-18 20:42:46 UTC (rev 14123)
+++ data/spu-candidates.txt	2010-02-18 20:52:00 UTC (rev 14124)
@@ -136,6 +136,8 @@
 #546218
 notified maintainer
 
+CVE-2009-0689
+
 --
 
 kfreebsd-6

More information about the Secure-testing-commits mailing list