[Secure-testing-commits] r8075 - in data: . CVE

Mon, 04 Feb 2008 14:41:32 -0800 

Author: stef-guest
Date: 2008-02-04 22:41:34 +0000 (Mon, 04 Feb 2008)
New Revision: 8075

Modified:
   data/CVE/list
   data/embedded-code-copies
Log:
- new mplayer/xine-lib issues
- CVE-2006-4484 affects tk and netpbm


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2008-02-04 21:30:04 UTC (rev 8074)
+++ data/CVE/list       2008-02-04 22:41:34 UTC (rev 8075)
@@ -34,10 +34,15 @@
        NOT-FOR-US: VB Marketing
 CVE-2008-0487 (Multiple SQL injection vulnerabilities in login.asp in 
ASPired2Protect ...)
        NOT-FOR-US: ASPired2Protect
-CVE-2008-0486
+CVE-2008-0486 [MPlayer and Xine Buffer overflow in libmpdemux/flac]
        RESERVED
-CVE-2008-0485
+       - mplayer <unfixed> (bug #464060)
+       - xine-lib <unfixed>
+       TODO: check embedded code in other packages
+CVE-2008-0485 [MPlayer arbitrary code execution in libmpdemux/mov]
        RESERVED
+       - mplayer <unfixed> (bug #464060)
+       TODO: check embedded code in other packages
 CVE-2008-0484
        RESERVED
 CVE-2008-0483
@@ -24012,6 +24017,10 @@
 CVE-2006-4484 (Buffer overflow in the LWZReadByte_ function in ...)
        - libgd2 2.0.33-5.1 (medium; bug #384838)
        - xloadimage <unfixed> (unimportant; bug #384841)
+       - tk8.5 8.5.0-3
+       - tk8.4 8.4.17-2
+       - tk8.3 8.3.5-12
+       - netpbm <unfixed> (bug #464056)
        NOTE: xloadimage is a crasher only, not a security problem
 CVE-2006-4483 (The cURL extension files (1) ext/curl/interface.c and (2) ...)
        - php5 5.1.6-1 (unimportant)

Modified: data/embedded-code-copies
===================================================================
--- data/embedded-code-copies   2008-02-04 21:30:04 UTC (rev 8074)
+++ data/embedded-code-copies   2008-02-04 22:41:34 UTC (rev 8075)
@@ -419,3 +419,9 @@
 xine-lib
        - vlc <unfixed> (embed)
        NOTE: only parts included in modules/access/rtsp
+
+netpbm
+       - tcl8.3 <unfixed> (embed)
+       - tcl8.4 <unfixed> (embed)
+       - tcl8.5 <unfixed> (embed)
+       NOTE: generic/tkImgGIF.c


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

Reply via email to