[Secure-testing-commits] r13865 - data/CVE
Steffen Joeris
white at alioth.debian.org
Wed Jan 20 14:43:29 UTC 2010
Author: white
Date: 2010-01-20 14:43:28 +0000 (Wed, 20 Jan 2010)
New Revision: 13865
Modified:
data/CVE/list
Log:
gzip issues now public
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-01-20 14:17:26 UTC (rev 13864)
+++ data/CVE/list 2010-01-20 14:43:28 UTC (rev 13865)
@@ -1503,8 +1503,9 @@
- linux-2.6.24 <removed>
CVE-2010-0002 (The /etc/profile.d/60alias.sh script in the Mandriva bash package for ...)
- bash <not-affected> (mandriva-specific packaging issue)
-CVE-2010-0001
+CVE-2010-0001 [gzip: integer underflow via LZW compressed gzip archive]
RESERVED
+ - gzip <unfixed> (medium)
CVE-2009-4324 (Use-after-free vulnerability in the Doc.media.newPlayer method in ...)
NOT-FOR-US: Adobe Reader and Acrobat 8.0
CVE-2009-4323 (The installation for Zen Cart stores sensitive information and ...)
@@ -7048,8 +7049,9 @@
[lenny] - sun-java6 <no-dsa> (Non-free not supported)
- openjdk-6 6b16-1.6-1 (medium; bug #542210)
- libxerces2-java <unfixed>
-CVE-2009-2624
+CVE-2009-2624 [gzip: missing input sanitation related to dynamic Huffman codes]
RESERVED
+ - gzip <unfixed> (medium)
CVE-2009-2623
RESERVED
CVE-2009-2620 (src/remote/server.cpp in fbserver.exe in Firebird SQL 1.5 before ...)
More information about the Secure-testing-commits
mailing list