Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: d672ae42 by Salvatore Bonaccorso at 2023-03-05T10:47:41+01:00 Revert "Mark CVE-2009-4228 as not-affected" This reverts commit 4ad5997f64d9ab9dde81235c1bdcf8a26e16c4a7. Having "newer versions in the archive" is not a valid reason for not-affected. We either continue to err on the safe side and keep something as unfixed or pinpoint a fix. In this case it is mostly irrelevant as the issue is unimportant. - - - - - 28f6fd92 by Salvatore Bonaccorso at 2023-03-05T10:50:32+01:00 Add CVE assignment reference to distinquish CVE-2009-4228 from CVE-2009-4227 - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -558863,7 +558863,8 @@ CVE-2009-4226 (Race condition in the IP module in the kernel in Sun OpenSolaris CVE-2009-4225 (Stack-based buffer overflow in the PestPatrol ActiveX control (ppctl.d ...) NOT-FOR-US: PestPatrol CVE-2009-4228 (Stack consumption vulnerability in u_bound.c in Xfig 3.2.5b and earlie ...) - - xfig <not-affected> (all available versions in archive are newer, than 3.2.5b) + - xfig <unfixed> (unimportant) + NOTE: https://www.openwall.com/lists/oss-security/2009/12/08/5 CVE-2009-4227 (Stack-based buffer overflow in the read_1_3_textobject function in f_r ...) - xfig 1:3.2.5.b-1 (low; bug #559274) [lenny] - xfig <no-dsa> (Minor issue) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/4ad5997f64d9ab9dde81235c1bdcf8a26e16c4a7...28f6fd92bee9730c9d0c36a68da93ae2c75d9c8a -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/4ad5997f64d9ab9dde81235c1bdcf8a26e16c4a7...28f6fd92bee9730c9d0c36a68da93ae2c75d9c8a You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits