[Secure-testing-commits] r13842 - data/CVE

Michael Gilbert gilbert-guest at alioth.debian.org
Sat Jan 16 21:59:00 UTC 2010


Author: gilbert-guest
Date: 2010-01-16 21:58:59 +0000 (Sat, 16 Jan 2010)
New Revision: 13842

Modified:
   data/CVE/list
Log:
vulnerable libtheora code not present in etch

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-01-16 21:19:54 UTC (rev 13841)
+++ data/CVE/list	2010-01-16 21:58:59 UTC (rev 13842)
@@ -3,6 +3,7 @@
 	[etch] - xulrunner <not-affected> (theora introduced in 1.9.1)
 	[lenny] - xulrunner <not-affected> (theora introduced in 1.9.1)
 	- libtheora 1.1.1+dfsg.1-3 (medium)
+	[etch] - libtheora <not-affected> (vulnerable code not present)
 	NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=498815
 	NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=498824
 CVE-2010-XXXX [potential sudo vuln]
@@ -4068,6 +4069,7 @@
 	NOT-FOR-US: iscsiadm and iscsitadm programs in Sun Solaris 10
 CVE-2009-3389 (Integer overflow in libtheora in Xiph.Org Theora before 1.1, as used ...)
 	- libtheora 1.1
+	[etch] - libtheora <not-affected> (vulnerable code not present)
 	- xulrunner 1.9.1.6-1
 	[lenny] - xulrunner <not-affected> (Video playback capabilities were added in 3.5)
 CVE-2009-3388 (liboggplay in Mozilla Firefox 3.5.x before 3.5.6 and SeaMonkey before ...)




More information about the Secure-testing-commits mailing list