Author: pabs Date: 2016-03-09 05:09:26 +0000 (Wed, 09 Mar 2016) New Revision: 40252
Modified: data/CVE/list data/DLA/list Log: Fix some epochs and version numbers Suggested-by: Stephen Quintero <step...@datagridsys.com> Suggested-in: <CAHMDtUqWqxKfXLUNScu0c1hgY4M_FPoMtYiSF=krkiaw_c0...@mail.gmail.com> Modified: data/CVE/list =================================================================== --- data/CVE/list 2016-03-08 21:18:31 UTC (rev 40251) +++ data/CVE/list 2016-03-09 05:09:26 UTC (rev 40252) @@ -46254,7 +46254,7 @@ [wheezy] - phpmyadmin <not-affected> (Vulnerable code not present) [squeeze] - phpmyadmin <not-affected> (Vulnerable code not present) CVE-2014-4954 (Cross-site scripting (XSS) vulnerability in the ...) - - phpmyadmin 4.2.6-1 + - phpmyadmin 4:4.2.6-1 [squeeze] - phpmyadmin <not-affected> (libraries/structure.lib.php not present) [wheezy] - phpmyadmin <not-affected> (libraries/structure.lib.php not present) CVE-2014-4953 @@ -99741,7 +99741,7 @@ CVE-2011-3938 RESERVED CVE-2011-3937 (The H.263 codec (libavcodec/h263dec.c) in FFmpeg 0.7.x before 0.7.12, ...) - - libav 4:0.8.3-1 + - libav 6:0.8.3-1 - ffmpeg <not-affected> (Vulnerable code not present, introduced in 0.7) CVE-2011-3936 (The dv_extract_audio function in libavcodec in FFmpeg 0.7.x before ...) {DSA-2471-1} @@ -110606,7 +110606,7 @@ NOTE: http://cgit.freedesktop.org/poppler/poppler/commit/?id=8284008aa8230a92ba08d547864353d3290e9bf9 CVE-2010-4653 [integer overflow when parsing CharCodes for fonts] RESERVED - - kdegraphics 4.0 + - kdegraphics 4:4.0.0-1 - xpdf 3.02-9 - poppler 0.16.3-1 (low) [lenny] - poppler <no-dsa> (minor issue) @@ -112529,7 +112529,7 @@ - linux-2.6 2.6.32-30 [lenny] - linux-2.6 <not-affected> (Vulnerable code not present) CVE-2010-4262 (Stack-based buffer overflow in Xfig 3.2.4 and 3.2.5 allows remote ...) - - xfig 3.2.5.b-1.1 (bug #606257) + - xfig 1:3.2.5.b-1.1 (bug #606257) NOTE: details and patch at https://bugzilla.redhat.com/659676 CVE-2010-4261 (Off-by-one error in the icon_cb function in pe_icons.c in libclamav in ...) - clamav 0.96.5+dfsg-1 @@ -114036,22 +114036,22 @@ CVE-2010-3708 (The serialization implementation in JBoss Drools in Red Hat JBoss ...) - jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226) CVE-2010-3707 (plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and ...) - - dovecot 1.2.15-1 + - dovecot 1:1.2.15-1 [lenny] - dovecot <not-affected> (Only affects 1.2.x) CVE-2010-3706 (plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and ...) - - dovecot 1.2.15-1 + - dovecot 1:1.2.15-1 [lenny] - dovecot <not-affected> (Only affects 1.2.x) CVE-2010-3705 (The sctp_auth_asoc_get_hmac function in net/sctp/auth.c in the Linux ...) {DSA-2126-1} - linux-2.6 2.6.32-25 CVE-2010-3704 (The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser ...) {DSA-2135-1 DSA-2119-1} - - kdegraphics 4.0 + - kdegraphics 4:4.0.0-1 - xpdf 3.02-9 - poppler 0.12.4-1.2 (bug #599165) NOTE: http://cgit.freedesktop.org/poppler/poppler/commit/?id=39d140bfc0b8239bdd96d6a55842034ae5c05473 CVE-2010-3703 (The PostScriptFunction::PostScriptFunction function in ...) - - kdegraphics 4.0 + - kdegraphics 4:4.0.0-1 [lenny] - kdegraphics <not-affected> (Vulnerable code not present) - xpdf 3.02-9 [lenny] - xpdf <not-affected> (Vulnerable code not present) @@ -114060,7 +114060,7 @@ NOTE: http://cgit.freedesktop.org/poppler/poppler/commit/?id=bf2055088a3a2d3bb3d3c37d464954ec1a25771f CVE-2010-3702 (The Gfx::getPos function in the PDF parser in xpdf before 3.02pl5, ...) {DSA-2135-1 DSA-2119-1} - - kdegraphics 4.0 + - kdegraphics 4:4.0.0-1 - xpdf 3.02-9 - poppler 0.12.4-1.2 (bug #599165) NOTE: http://cgit.freedesktop.org/poppler/poppler/commit/?id=e853106b58d6b4b0467dbd6436c9bb1cfbd372cf @@ -114367,7 +114367,7 @@ CVE-2010-3496 (McAfee VirusScan Enterprise 8.5i and 8.7i does not properly interact ...) NOT-FOR-US: McAfee VirusScan Enterprise CVE-2010-3495 (Race condition in ZEO/StorageServer.py in Zope Object Database (ZODB) ...) - - zodb 3.9.4-1.1 (bug #599711) + - zodb 1:3.9.4-1.1 (bug #599711) CVE-2010-3494 (Race condition in the FTPHandler class in ftpserver.py in pyftpdlib ...) - python-pyftpdlib 0.5.2-1 (low) NOTE: http://code.google.com/p/pyftpdlib/issues/detail?id=104 @@ -124248,7 +124248,7 @@ RESERVED CVE-2010-0207 [xpdf: XRef table parsing infinite loop] RESERVED - - kdegraphics 4.0 (unimportant) + - kdegraphics 4:4.0.0-1 (unimportant) - xpdf <unfixed> (unimportant) - poppler 0.16.3-1 (unimportant) [squeeze] - poppler 0.12.4-1.2+squeeze1 @@ -124256,7 +124256,7 @@ NOTE: Just a crasher, not treated as a security issue CVE-2010-0206 [xpdf: Invalid pointer dereference by processing JBIG2 PDF stream objects] RESERVED - - kdegraphics 4.0 (unimportant) + - kdegraphics 4:4.0.0-1 (unimportant) - xpdf <unfixed> (unimportant) - poppler 0.16.3-1 (unimportant) [squeeze] - poppler 0.12.4-1.2+squeeze1 @@ -126216,7 +126216,7 @@ CVE-2009-4036 RESERVED CVE-2009-4035 (The FoFiType1::parse function in fofi/FoFiType1.cc in Xpdf 3.0.0, gpdf ...) - - kdegraphics 4.0 + - kdegraphics 4:4.0.0-1 - xpdf 3.01-1 - poppler 0.5.1-1 - swftools 0.9.2+ds1-2 @@ -133740,7 +133740,7 @@ NOTE: http://trac.webkit.org/changeset/42081 - qt4-x11 4:4.5.2-1 [etch] - qt4-x11 <not-affected> (QTWebkit was introduced in 4.4) - - kdelibs 3.5.10.dfsg.1-2.1 (medium; bug #534949) + - kdelibs 4:3.5.10.dfsg.1-2.1 (medium; bug #534949) - kde4libs 4:4.3.0-1 (medium) CVE-2009-1697 (CRLF injection vulnerability in WebKit in Apple Safari before 4.0, ...) {DSA-1950-1} @@ -162637,7 +162637,7 @@ - unrar-nonfree 3.7.3-1.1 (low; bug #437703) [etch] - unrar-nonfree <no-dsa> (Non-free not supported) [sarge] - unrar-nonfree <no-dsa> (Non-free not supported) - - rar 3.7b1-1 (low; bug #437704) + - rar 1:3.7b1-1 (low; bug #437704) [etch] - rar <not-affected> (Vulnerable code was fixed already) [sarge] - rar <no-dsa> (Non-free not supported) CVE-2007-3725 (The RAR VM (unrarvm.c) in Clam Antivirus (ClamAV) before 0.91 allows ...) @@ -186576,7 +186576,7 @@ - freetype 2.2.1-1 (medium) CVE-2006-0746 (Certain patches for kpdf do not include all relevant patches from xpdf ...) {DSA-1008-1} - - kdegraphics 3.5.0-3 + - kdegraphics 4:3.5.0-3 NOTE: Only affected the 3.3.2 KDE backport CVE-2006-0745 (X.Org server (xorg-server) 1.0.0 and later, X11R6.9.0, and X11R7.0 ...) - xorg-x11 6.9.0.dfsg.1-5 (bug #360388; medium) Modified: data/DLA/list =================================================================== --- data/DLA/list 2016-03-08 21:18:31 UTC (rev 40251) +++ data/DLA/list 2016-03-09 05:09:26 UTC (rev 40252) @@ -678,7 +678,7 @@ [squeeze] - ruby1.8 1.8.7.302-2squeeze4 [17 May 2015] DLA-223-1 nbd - security update {CVE-2015-0847} - [squeeze] - nbd 2.9.16-8+squeeze2 + [squeeze] - nbd 1:2.9.16-8+squeeze2 [16 May 2015] DLA-222-1 commons-httpclient - security update {CVE-2012-5783 CVE-2012-6153 CVE-2014-3577} [squeeze] - commons-httpclient 3.1-9+deb6u1 _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits