Author: stef-guest Date: 2008-02-04 22:41:34 +0000 (Mon, 04 Feb 2008) New Revision: 8075
Modified: data/CVE/list data/embedded-code-copies Log: - new mplayer/xine-lib issues - CVE-2006-4484 affects tk and netpbm Modified: data/CVE/list =================================================================== --- data/CVE/list 2008-02-04 21:30:04 UTC (rev 8074) +++ data/CVE/list 2008-02-04 22:41:34 UTC (rev 8075) @@ -34,10 +34,15 @@ NOT-FOR-US: VB Marketing CVE-2008-0487 (Multiple SQL injection vulnerabilities in login.asp in ASPired2Protect ...) NOT-FOR-US: ASPired2Protect -CVE-2008-0486 +CVE-2008-0486 [MPlayer and Xine Buffer overflow in libmpdemux/flac] RESERVED -CVE-2008-0485 + - mplayer <unfixed> (bug #464060) + - xine-lib <unfixed> + TODO: check embedded code in other packages +CVE-2008-0485 [MPlayer arbitrary code execution in libmpdemux/mov] RESERVED + - mplayer <unfixed> (bug #464060) + TODO: check embedded code in other packages CVE-2008-0484 RESERVED CVE-2008-0483 @@ -24012,6 +24017,10 @@ CVE-2006-4484 (Buffer overflow in the LWZReadByte_ function in ...) - libgd2 2.0.33-5.1 (medium; bug #384838) - xloadimage <unfixed> (unimportant; bug #384841) + - tk8.5 8.5.0-3 + - tk8.4 8.4.17-2 + - tk8.3 8.3.5-12 + - netpbm <unfixed> (bug #464056) NOTE: xloadimage is a crasher only, not a security problem CVE-2006-4483 (The cURL extension files (1) ext/curl/interface.c and (2) ...) - php5 5.1.6-1 (unimportant) Modified: data/embedded-code-copies =================================================================== --- data/embedded-code-copies 2008-02-04 21:30:04 UTC (rev 8074) +++ data/embedded-code-copies 2008-02-04 22:41:34 UTC (rev 8075) @@ -419,3 +419,9 @@ xine-lib - vlc <unfixed> (embed) NOTE: only parts included in modules/access/rtsp + +netpbm + - tcl8.3 <unfixed> (embed) + - tcl8.4 <unfixed> (embed) + - tcl8.5 <unfixed> (embed) + NOTE: generic/tkImgGIF.c _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits