[Secure-testing-commits] r11458 - in data: CVE DSA

fw Sun, 22 Mar 2009 10:23:33 -0700

Author: fw
Date: 2009-03-22 17:23:27 +0000 (Sun, 22 Mar 2009)
New Revision: 11458


Modified:
   data/CVE/list
   data/DSA/list
Log:
Reflect that DSA-1750-1 affects different CVEs on etch and lenny


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2009-03-22 17:16:52 UTC (rev 11457)
+++ data/CVE/list       2009-03-22 17:23:27 UTC (rev 11458)
@@ -14476,9 +14476,10 @@
 CVE-2008-1383 (The docert function in ssl-cert.eclass, when used by 
src_compile or ...)
        NOT-FOR-US: Gentoo Linux Ebuilds
 CVE-2008-1382 (libpng 1.0.6 through 1.0.32, 1.2.0 through 1.2.26, and 
1.4.0beta01 ...)
+       {DSA-1750-1}
        - libpng 1.2.26-1 (low; bug #476669)
        NOTE: 1.2.26-1 contains a patch to fix that
-       [etch] - libpng <no-dsa> (Minor issue, rare function)
+       [etch] - libpng 1.2.15~beta5-1+etch2
 CVE-2008-1381 (ZoneMinder before 1.23.3 allows remote authenticated users, and 
...)
        {DTSA-130-1}
        - zoneminder 1.23.3-1 (medium; bug #479034)
@@ -22049,9 +22050,10 @@
 CVE-2007-5270 (Unspecified vulnerability in the Boost module before 4.7.x-1.0, 
and ...)
        - drupal <not-affected> (does not ship this module)
 CVE-2007-5269 (Certain chunk handlers in libpng before 1.0.29 and 1.2.x before 
1.2.21 ...)
+       {DSA-1750-1}
        - libpng 1.2.15~beta5-3 (low; bug #446308)
-       [etch] - libpng <no-dsa> (Minor issue)
        [sarge] - libpng <no-dsa> (Minor issue)
+       [etch] - libpng 1.2.15~beta5-1+etch2
 CVE-2007-5268 (pngrtran.c in libpng before 1.0.29 and 1.2.x before 1.2.21 use 
(1) ...)
        - libpng <not-affected> (Vulnerable code not present in Debian version, 
introduced in 1.2.19)
 CVE-2007-5267 (Off-by-one error in ICC profile chunk handling in the 
png_set_iCCP ...)
@@ -29012,11 +29014,12 @@
        {DSA-1291-2 DTSA-41-1}
        - samba 3.0.25-1 (high)
 CVE-2007-2445 (The png_handle_tRNS function in pngrutil.c in libpng before 
1.0.25 and ...)
-       {DSA-1613-1}
+       {DSA-1613-1 DSA-1750-1}
        - libgd2 2.0.35.dfsg-1 (low)
        [etch] - libgd2 2.0.33-5.2etch1 (low)
        - libpng 1.2.15~beta5-2 (unimportant)
        - libpng3 <not-affected> (unimportant)
+       [etch] - libpng 1.2.15~beta5-1+etch2
        NOTE: Only a crash, no code injection. Calling this DoS stretches 
things rather far
 CVE-2007-2444 (Logic error in the SID/Name translation functionality in smbd 
in Samba ...)
        {DSA-1291-2 DTSA-41-1}

Modified: data/DSA/list
===================================================================
--- data/DSA/list       2009-03-22 17:16:52 UTC (rev 11457)
+++ data/DSA/list       2009-03-22 17:23:27 UTC (rev 11458)
@@ -1,5 +1,5 @@
 [22 Mar 2009] DSA-1750-1 libpng - several vulnerabilities
-       {CVE-2007-2445 CVE-2007-5269 CVE-2008-1382 CVE-2008-5907 CVE-2008-6218 
CVE-2009-0040}
+       {CVE-2008-5907 CVE-2008-6218 CVE-2009-0040}
        [etch] - libpng 1.2.15~beta5-1+etch2
        [lenny] - libpng 1.2.27-2+lenny2
 [20 Mar 2009] DSA-1749-1 linux-2.6 - several vulnerabilities


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r11458 - in data: CVE DSA

Reply via email to