[Secure-testing-commits] r20643 - data/CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Tue Dec 11 09:03:48 UTC 2012


Author: jmm
Date: 2012-12-11 09:03:48 +0000 (Tue, 11 Dec 2012)
New Revision: 20643

Modified:
   data/CVE/list
Log:
clarify wavesurfer entry


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-12-11 09:01:44 UTC (rev 20642)
+++ data/CVE/list	2012-12-11 09:03:48 UTC (rev 20643)
@@ -741,10 +741,9 @@
 CVE-2012-6303 [WaveSurfer and Snack Sound Toolkit buffer overflows]
 	RESERVED
 	- snack <unfixed> (bug #695614)
-	- wavesurfer <not-affected> (bug #695615)
+	- wavesurfer <not-affected> (originally reported in wavesurfer, but actually a bug in libsnack, see bug #695615)
 	NOTE: http://secunia.com/advisories/49889/
 	NOTE: http://www.openwall.com/lists/oss-security/2012/12/10/2
-	TODO: check, is the vulnerability only in snack, but thus affecting wavesurfer?
 CVE-2012-6302
 	RESERVED
 CVE-2012-6301
@@ -2497,6 +2496,7 @@
 	NOT-FOR-US: change_passwd plugin for Squirrelmail
 CVE-2012-5622
 	RESERVED
+	NOT-FOR-US: OpenShift
 CVE-2012-5621 [Ekiga (x < 4.0.0): DoS (crash) after receiving call from other party with not UTF-8 valid name]
 	RESERVED
 	- ekiga <unfixed>




More information about the Secure-testing-commits mailing list