[Secure-testing-commits] r14904 - in data: . CVE
Michael Gilbert
gilbert-guest at alioth.debian.org
Thu Jun 24 23:45:43 UTC 2010
Author: gilbert-guest
Date: 2010-06-24 23:45:42 +0000 (Thu, 24 Jun 2010)
New Revision: 14904
Modified:
data/CVE/list
data/embedded-code-copies
Log:
ncompress has some code in common with gzip
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-06-24 21:14:28 UTC (rev 14903)
+++ data/CVE/list 2010-06-24 23:45:42 UTC (rev 14904)
@@ -7471,6 +7471,7 @@
- klibc <not-affected> (does not include unlzw.c in its gzip code copy)
- busybox <not-affected> (does not include unlzw.c in its gzip code copy)
- pristine-tar <not-affected> (does not include unlzw.c in its gzip code copy)
+ - ncompress 4.2.4.3-1
CVE-2009-4324 (Use-after-free vulnerability in the Doc.media.newPlayer method in ...)
NOT-FOR-US: Adobe Reader and Acrobat 8.0
CVE-2009-4323 (The installation for Zen Cart stores sensitive information and ...)
Modified: data/embedded-code-copies
===================================================================
--- data/embedded-code-copies 2010-06-24 21:14:28 UTC (rev 14903)
+++ data/embedded-code-copies 2010-06-24 23:45:42 UTC (rev 14904)
@@ -459,6 +459,7 @@
- busybox <unfixed> (embed)
- pristine-tar <unfixed> (modified-embed)
NOTE: compression code only, not uncompression
+ - ncompress <unfixed> (old-version)
neon
- cadaver 0.22.3+debian-1 (embed; bug #188381)
More information about the Secure-testing-commits
mailing list