[Secure-testing-commits] r11421 - data/CVE

Tue, 17 Mar 2009 02:14:16 -0700 

Author: joeyh
Date: 2009-03-17 09:14:09 +0000 (Tue, 17 Mar 2009)
New Revision: 11421

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2009-03-17 08:52:57 UTC (rev 11420)
+++ data/CVE/list       2009-03-17 09:14:09 UTC (rev 11421)
@@ -6084,8 +6084,8 @@
        NOT-FOR-US: Opera
 CVE-2008-4724 (Multiple cross-site scripting (XSS) vulnerabilities in Google 
Chrome ...)
        {CVE-2008-4723}
-        - webkit <unfixed> (medium; bug #520052)
-        NOTE: webkit properly handles this issue with respect to extensions 
such as jpg and txt, but not in general; for example, the attack works for odp, 
xls, etc extensions (only tested with midori 0.1.4)
+       - webkit <unfixed> (medium; bug #520052)
+       NOTE: webkit properly handles this issue with respect to extensions 
such as jpg and txt, but not in general; for example, the attack works for odp, 
xls, etc extensions (only tested with midori 0.1.4)
        NOTE: not reproducible using iceweasel 3.0.1
 CVE-2008-4723 (Multiple cross-site scripting (XSS) vulnerabilities in Mozilla 
Firefox ...)
        {CVE-2008-4724}
@@ -7058,7 +7058,7 @@
 CVE-2008-4317
        RESERVED
 CVE-2008-4316 (Multiple integer overflows in glib/gbase64.c in GLib before 
2.20 allow ...)
-        - glib2.0 <unfixed> (medium; bug #520046)
+       - glib2.0 <unfixed> (medium; bug #520046)
 CVE-2008-4315 (tog-pegasus in OpenGroup Pegasus 2.7.0 on Red Hat Enterprise 
Linux ...)
        NOT-FOR-US: OpenPegasus
 CVE-2008-4314 (smbd in Samba 3.0.29 through 3.2.4 might allow remote attackers 
to ...)
@@ -21411,7 +21411,7 @@
        - rails 1.2.5-1
        [etch] - rails <not-affected> (Vulnerable code not present)
 CVE-2007-5378 (Buffer overflow in the FileReadGIF function in tkImgGIF.c for 
Tk ...)
-       {DSA-1416-1 DSA-1415-1}
+       {DSA-1743-1 DSA-1416-1 DSA-1415-1}
        - tk8.3 8.3.5-10 (medium; bug #446465)
        - tk8.4 8.4.16-1 (medium)
 CVE-2007-5377 (The (1) tramp-make-temp-file and (2) tramp-make-tramp-temp-file 
...)
@@ -22139,6 +22139,7 @@
 CVE-2007-5138 (PHP remote file inclusion vulnerability in forum/forum.php in 
...)
        NOT-FOR-US: lustig.cms
 CVE-2007-5137 (Buffer overflow in the ReadImage function in generic/tkImgGIF.c 
in Tcl ...)
+       {DSA-1743-1}
        - tk8.4 8.4.16-1
        [etch] - tk8.4 <not-affected> (Vulnerability was introduced in 8.4.13)
        [sarge] - tk8.4 <not-affected> (Vulnerability was introduced in 8.4.13)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

Reply via email to