[Secure-testing-commits] r13882 - data/CVE
Moritz Muehlenhoff
jmm-guest at alioth.debian.org
Fri Jan 22 16:14:51 UTC 2010
Author: jmm-guest
Date: 2010-01-22 16:14:51 +0000 (Fri, 22 Jan 2010)
New Revision: 13882
Modified:
data/CVE/list
Log:
- backup-manager spu
- evolution issues
- ffmpeg fixed
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-01-22 15:27:21 UTC (rev 13881)
+++ data/CVE/list 2010-01-22 16:14:51 UTC (rev 13882)
@@ -2656,8 +2656,10 @@
- linux-2.6 <unfixed> (unimportant)
- linux-2.6.24 <unfixed> (unimportant)
NOTE: All Debian kernels have MMU support enabled
-CVE-2009-3887
+CVE-2009-3887 [evolution path traversal]
RESERVED
+ - evolution <unfixed>
+ NOTE: http://www.ocert.org/advisories/ocert-2009-013.html
CVE-2009-3886 (The Java Web Start implementation in Sun Java SE 6 before Update 17 ...)
- openjdk-6 <unfixed> (medium; bug #560908)
- sun-java6 6-17-1
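Review bot: the added evolution line under CVE-2009-3887 is marked unfixed but carries no urgency and no bug number, unlike the neighbouring openjdk-6 line "(medium; bug #560908)". If a Debian bug has been filed for the path traversal, reference it here so the entry can be closed against the upload that fixes it. If none exists yet, a TODO to file one would make that visible.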
@@ -3180,8 +3182,10 @@
- kvm 88+dfsg-2 (low; bug #557739)
NOTE: http://bugzilla.redhat.com/531660
NOTE: http://git.kernel.org/linus/0a79b009525b160081d75cef5dbf45817956acf2
-CVE-2009-3721
+CVE-2009-3721 [evolution buffer overflow]
RESERVED
+ - evolution <unfixed>
+ NOTE: http://www.ocert.org/advisories/ocert-2009-013.html
CVE-2009-3720 (The updatePosition function in lib/xmltok_impl.c in libexpat in Expat ...)
{DSA-1921-1}
- expat 2.0.1-5 (low; bug #551936)
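Review bot: the added evolution line under CVE-2009-3721 also has no urgency or bug reference, and its NOTE is the same ocert-2009-013 URL used for CVE-2009-3887, so only the bracketed title tells the two entries apart. A short NOTE stating which issue in the advisory this CVE covers would keep the entries distinguishable once the RESERVED descriptions are filled in.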
@@ -4004,10 +4008,9 @@
CVE-2009-3447 (Unrestricted file upload vulnerability in RADactive I-Load before ...)
NOT-FOR-US: RADactive I-Load
CVE-2009-XXXX [ffmpeg missing input sanitization/crashes]
- - ffmpeg (medium; bug #550442)
+ - ffmpeg 4:0.5+svn20090706-3 (medium; bug #550442)
- xmovie <removed> (medium)
- ffmpeg-debian <removed> (medium)
- NOTE: Fixed in experimental in 4:0.5+svn20090706-3
NOTE: https://roundup.ffmpeg.org/roundup/ffmpeg/issue1240
NOTE: https://roundup.ffmpeg.org/roundup/ffmpeg/issue1245
CVE-2009-XXXX [xen-tools: world readable disk image files]
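Review bot: the removed NOTE said the fix was "in experimental in 4:0.5+svn20090706-3", and the ffmpeg line now records that same version as the fixed version without that qualifier. Confirm that this version has actually reached unstable. If it is still only in experimental, the entry would report the package as fixed where it is not, and the NOTE should stay until the upload lands.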
@@ -40706,6 +40709,7 @@
- backup-manager 0.7.6-1 (low)
[sarge] - backup-manager <no-dsa> (Minor issue)
[etch] - backup-manager <no-dsa> (Minor issue)
+ TODO: next point update [etch] - backup-manager 0.7.5-5
CVE-2007-2765 (blockhosts.py in BlockHosts before 2.0.3 does not properly parse ...)
NOT-FOR-US: BlockHosts
CVE-2007-2764 (The embedded Linux kernel in certain Sun-Brocade SilkWorm switches ...)
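Review bot: the added TODO line embeds what looks like a finished entry, "[etch] - backup-manager 0.7.5-5", directly below the existing "[etch] - backup-manager <no-dsa> (Minor issue)" line, so the same release has two conflicting statuses in one record. Wording the TODO as an action (replace the etch no-dsa line with 0.7.5-5 once the point update is released) would make it clear which line is authoritative today and what has to change later. The [sarge] line is not mentioned, so say whether it is intentionally left as is.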