[Secure-testing-commits] r13712 - in data: . CVE packages

Mon Jan 4 23:43:03 UTC 2010

Author: geissert
Date: 2010-01-04 23:43:03 +0000 (Mon, 04 Jan 2010)
New Revision: 13712

Modified:
   data/CVE/list
   data/embedded-code-copies
   data/packages/new-packages
Log:
processed some NEW packages:
lots of embeds
one issue already fixed


Modified: data/CVE/list
===================================================================

--- data/CVE/list	2010-01-04 21:37:21 UTC (rev 13711)
+++ data/CVE/list	2010-01-04 23:43:03 UTC (rev 13712)
@@ -53883,7 +53883,9 @@
 CVE-2006-3909 (Cross-site scripting (XSS) vulnerability in calendar.php in WWWthreads ...)
 	NOT-FOR-US: WWWthreads
 CVE-2006-3908 (Format string vulnerability in the flush_output function in ...)
-	NOT-FOR-US: Game Network Engine (GNE)
+	- gnelib 0.75+svn20091130-1
+	NOTE: issue was fixed back in 2006 but there hasn't been any
+	NOTE: release since 0.70 which is affected
 CVE-2006-3907 (Siemens SpeedStream 2624 allows remote attackers to cause a denial of ...)
 	NOT-FOR-US: Siemens
 CVE-2006-3906 (Internet Key Exchange (IKE) version 1 protocol, as implemented on ...)

Modified: data/embedded-code-copies
===================================================================
--- data/embedded-code-copies	2010-01-04 21:37:21 UTC (rev 13711)
+++ data/embedded-code-copies	2010-01-04 23:43:03 UTC (rev 13712)
@@ -538,7 +538,7 @@
 	- kdegames <unfixed> (embed)
 	NOTE: kdegames/kde4 embeds libiris which embeds libidn
 
-liblua
+lua5.1
 	- monotone 0.43-1 (embed)
 	- nmap 5.00-1 (embed; bug #527997)
 	[lenny] - nmap <unfixed> (embed; bug #527997)
@@ -546,6 +546,7 @@
 	- enigma <unfixed> (embed)
 	NOTE: requires lua built with C++
 	- freeciv <unfixed> (embed)
+	- spring <unfixed> (embed)
 
 libbotan
 	- monotone 0.43-1 (embed)
@@ -1651,3 +1652,22 @@
 
 Diff.php (Clay Loveless' version/killersoft.com)
 	- php-versioncontrol-svn <unfixed>
+
+libm
+	- spring <unfixed> (embed)
+	NOTE: embedded by embedded copy of streflop
+
+streflop
+	- spring <unfixed> (embed)
+
+minizip
+	- spring <unfixed> (embed)
+
+oscpack
+	- spring <unfixed> (embed)
+
+hpiutil2
+	- spring <unfixed> (embed)
+
+p7zip
+	- spring <unfixed> (embed)

Modified: data/packages/new-packages
===================================================================
--- data/packages/new-packages	2010-01-04 21:37:21 UTC (rev 13711)
+++ data/packages/new-packages	2010-01-04 23:43:03 UTC (rev 13712)
@@ -46,9 +46,6 @@
 remmina
 remmina-gnome
 rlvm
-ttf-komatuna
-ttf-levien-museum
-ttf-levien-typoscript
 ansel1
 attica
 coinor-flopc++
@@ -90,7 +87,6 @@
 magics++
 openopt
 osm-gps-map
-ossim
 pescetti
 pixelmed
 python-django-djapian
@@ -114,10 +110,8 @@
 pidgin-microblog
 rcs
 saxonb
-shunit2
 slack
 software-center
-spring
 taskjuggler
 tokyocabinet-ruby
 uanytun
@@ -132,7 +126,6 @@
 poppler-data
 rainbow
 freemind
-autoconf2.64
 axis2c
 bist
 coinor-ipopt


