[Secure-testing-commits] r14145 - in data: . CVE

Moritz Muehlenhoff jmm-guest at alioth.debian.org
Tue Feb 23 21:09:54 UTC 2010 

Author: jmm-guest
Date: 2010-02-23 21:09:52 +0000 (Tue, 23 Feb 2010)
New Revision: 14145

Modified:
   data/CVE/list
   data/embedded-code-copies
Log:
xotcl NMUd


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-02-23 17:08:51 UTC (rev 14144)
+++ data/CVE/list	2010-02-23 21:09:52 UTC (rev 14145)
@@ -107,8 +107,7 @@
 	- kdeartwork <undetermined>
 	[lenny] - kdeartwork <not-affected> (Vulnerable code not present)
 	NOTE: http://www.openwall.com/lists/oss-security/2010/02/12/2
-	NOTE: patch http://websvn.kde.org/?view=revision&revision=1089241
-	TODO: check
+        NOTE: http://www.kde.org/info/security/advisory-2010-02-17-1.txt
 CVE-2010-0634 (Unspecified vulnerability in Fast Lexical Analyzer Generator (flex) ...)
 	TODO: check
 CVE-2010-0629
@@ -4219,7 +4218,7 @@
 	- vnc4 <unfixed> (low; bug #560949)
 	[etch] - vnc4 <no-dsa> (minor issue)
 	[lenny] - vnc4 <no-dsa> (minor issue)
-	- xotcl 1.6.5-1.1 (low; bug #560950)
+	- xotcl 1.6.5-1.2 (low; bug #560950)
 	[lenny] - xotcl <no-dsa> (minor issue)
 CVE-2009-3719 (Cross-site scripting (XSS) vulnerability in comment.asp in Battle Blog ...)
 	NOT-FOR-US: Battle Blog
@@ -4703,8 +4702,7 @@
 	- vnc4 <unfixed> (low; bug #560949)
 	[etch] - vnc4 <no-dsa> (minor issue)
 	[lenny] - vnc4 <no-dsa> (minor issue)
-	- xotcl <unfixed> (low; bug #560950)
-	[lenny] - xotcl <no-dsa> (minor issue)
+	- xotcl <not-affected> (Vulnerable code not present in embedded Expat copy)
 CVE-2009-3559 (** DISPUTED ** ...)
 	- php5 <unfixed> (unimportant)
 	NOTE: safe_mode regression

Modified: data/embedded-code-copies
===================================================================
--- data/embedded-code-copies	2010-02-23 17:08:51 UTC (rev 14144)
+++ data/embedded-code-copies	2010-02-23 21:09:52 UTC (rev 14145)
@@ -1157,7 +1157,7 @@
 	- apache2 2.2 (embed)
 	- texlive-bin <not-affected> (Embedded code not compiled in)
 	- vnc4 <unfixed> (embed)
-	- xotcl 1.6.5-1.1 (embed)
+	- xotcl <unfixed> (embed)
 
 xerces-c
 	- xerces-c2 <unfixed> (old-version)

More information about the Secure-testing-commits mailing list