[Secure-testing-commits] r5408 - data/CVE

Sun, 04 Feb 2007 10:35:45 -0800 

Author: jmm-guest
Date: 2007-02-04 19:35:38 +0100 (Sun, 04 Feb 2007)
New Revision: 5408

Modified:
   data/CVE/list
Log:
mpg123 unimportant
flash issue windows-only
added unstable entry for elog
bbclone fixed


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2007-02-04 15:58:18 UTC (rev 5407)
+++ data/CVE/list       2007-02-04 18:35:38 UTC (rev 5408)
@@ -225,7 +225,9 @@
 CVE-2007-0579 (Unspecified vulnerability in the calendar component in Horde 
Groupware ...)
        NOT-FOR-US: Horde Groupware
 CVE-2007-0578 (The http_open function in httpget.c in mpg123 before 0.64 
allows ...)
-       - mpg123 <unfixed> (bug #409296; low)
+       - mpg123 <unfixed> (bug #409296; unimportant)
+       NOTE: Not much of a security problem; user will abort mpg123 and never 
listen to
+       NOTE: the faulty stream again
 CVE-2007-0577 (PHP remote file inclusion vulnerability in function.inc.php in 
...)
        NOT-FOR-US: ACGVclick
 CVE-2007-0576 (PHP remote file inclusion vulnerability in xt_counter.php in 
Xt-Stats ...)
@@ -470,7 +472,7 @@
 CVE-2004-2676 (The Spy Sweeper Enterprise Client (SpySweeperTray.exe) in 
WebRoot Spy ...)
        NOT-FOR-US: WebRoot Spy Sweeper 
 CVE-2007-0508 (PHP remote file inclusion vulnerability in lib/selectlang.php 
in ...)
-       - bbclone <unfixed> (bug #408839; medium)
+       - bbclone 0.4.6-8 (bug #408839; medium)
 CVE-2007-XXXX [hinfo code injection]
        - hinfo 1.02-3.1 (bug #402316)
 CVE-2007-0494 (ISC BIND 9.0.x, 9.1.x, 9.2.0 up to 9.2.7, 9.3.0 up to 9.3.3, 
9.4.0a1 ...)
@@ -1779,7 +1781,7 @@
 CVE-2006-6828 (Multiple SQL injection vulnerabilities in Efkan Forum 1.0 and 
earlier ...)
        NOT-FOR-US: Efkan Forum
 CVE-2006-6827 (Flash8b.ocx in Macromedia Flash 8 allows remote attackers to 
cause a ...)
-       TODO: check
+       - flashplugin-nonfree <not-affected> (Windows-specific)
 CVE-2006-6826 (Unspecified vulnerability in the tab editor for Personal .NET 
Portal ...)
        NOT-FOR-US: Personal .NET Portal
 CVE-2006-6825 (Calendar MX BASIC 1.0.2 and earlier store sensitive information 
under ...)
@@ -2999,7 +3001,7 @@
        RESERVED
 CVE-2006-6318 (The show_elog_list function in elogd.c in elog 2.6.2 and 
earlier ...)
        {DSA-1242-1}
-       TODO: check
+       - elog 2.6.2+r1754-1
 CVE-2006-6317
        RESERVED
 CVE-2006-6316
@@ -12574,9 +12576,9 @@
 CVE-2006-2078 (Multiple unspecified vulnerabilities in multiple FITELnet 
products, ...)
        NOT-FOR-US: FITELnet
 CVE-2006-2077 (Buffer overflow in Paul Rombouts pdnsd before 1.2.4 has unknown 
impact ...)
-       - pdnsd 1.2.4par-0.1 (bug #368268; high)
+       - pdnsd 1.2.4par-0.1 (bug #368268; medium)
 CVE-2006-2076 (Memory leak in Paul Rombouts pdnsd before 1.2.4 allows remote 
...)
-       - pdnsd 1.2.4par-0.1 (bug #368268; high)
+       - pdnsd 1.2.4par-0.1 (bug #368268; medium)
 CVE-2006-2075 (Unspecified vulnerability in MyDNS 1.1.0 allows remote 
attackers to ...)
        [sarge] - mydns 1.0.0-4sarge1
        - mydns 1.1.0+pre-3 (medium; bug #348826)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

Reply via email to