diff options
author | Steffen Joeris <white@debian.org> | 2009-01-28 16:56:28 +0000 |
---|---|---|
committer | Steffen Joeris <white@debian.org> | 2009-01-28 16:56:28 +0000 |
commit | a133403c38be83c7a8d5758b8f8ba4cfa6de9d6b (patch) | |
tree | c9b15693639be3af6a6e3fdef93bb2e5b4a8f2ee | |
parent | 9f1e986341f1dd2413347f9bdd8dce302e8e294f (diff) |
Mark unp issue as no-dsa, it is not really used as archiver by any package in stable
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@11072 e39458fd-73e7-0310-bf30-c45bca0a0e42
-rw-r--r-- | data/CVE/list | 3 | ||||
-rw-r--r-- | data/spu-candidates.txt | 5 |
2 files changed, 7 insertions, 1 deletions
diff --git a/data/CVE/list b/data/CVE/list index eee3bae610..54adaad7f3 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -15007,7 +15007,8 @@ CVE-2007-6613 (Stack-based buffer overflow in the print_iso9660_recurse function [etch] - libcdio <not-affected> (Packages prior to 0.78.2 didn't build the tools into binary package) NOTE: applications that use libcdio are not vulnerable, problem only lies in the info tool CVE-2007-6610 (unp 1.0.12, and other versions before 1.0.14, does not properly escape ...) - - unp 1.0.13 (bug #448437) + - unp 1.0.13 (bug #448437; low) + [etch] - unp <no-dsa> (Only used as archiver in third-party software) CVE-2007-6609 (Multiple stack-based buffer overflows in the CPLI_ReadTag_OGG function ...) NOT-FOR-US: CoolPlayer CVE-2007-6608 (Multiple cross-site scripting (XSS) vulnerabilities in OpenBiblio ...) diff --git a/data/spu-candidates.txt b/data/spu-candidates.txt index d9a447957c..5b7fb1e074 100644 --- a/data/spu-candidates.txt +++ b/data/spu-candidates.txt @@ -505,6 +505,11 @@ notified maintainer -- +unp (CVE-2007-6610) +#448437 + +-- + xmcd #496416 notified maintainer |