author | Moritz Muehlenhoff <jmm@debian.org> | 2007-01-31 22:11:14 +0000 |
---|---|---|
committer | Moritz Muehlenhoff <jmm@debian.org> | 2007-01-31 22:11:14 +0000 |
commit | df370eff290c297026a58f50d161c8dc5ff74c9f (patch) | |
tree | 366eaa7923293191e9a5a682a90f5f6a06089815 /data | |
parent | fc7965097a88dc45bd356ec0ed3275c0b38fa642 (diff) |
two new DSAs
phpbb issue already addressed
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@5391 e39458fd-73e7-0310-bf30-c45bca0a0e42
Diffstat (limited to 'data')
-rw-r--r-- | data/CVE/list | 9 |
-rw-r--r-- | data/DSA/list | 6 |
2 files changed, 11 insertions, 4 deletions
diff --git a/data/CVE/list b/data/CVE/list index a669133d70..bc9e6105a1 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -207,10 +207,10 @@ CVE-2007-XXXX [unsafe alloca() call in chmlib] - chmlib 2:0.39-1 (bug #408603; medium) CVE-2007-0494 (ISC BIND 9.0.x, 9.1.x, 9.2.0 up to 9.2.7, 9.3.0 up to 9.3.3, 9.4.0a1 ...) {DSA-1254-1} - - bind9 1:9.3.4-2 + - bind9 1:9.3.4-2 (medium; bug #408432) - bind <not-affected> CVE-2007-0493 (Use-after-free vulnerability in ISC BIND 9.3.0 up to 9.3.3, 9.4.0a1 up to ...) - - bind9 1:9.3.4-2 + - bind9 1:9.3.4-2 (medium; bug #408432) [sarge] - bind9 <not-affected> (Vulnerable code not present) - bind <not-affected> CVE-2007-XXXX [gstreamer ffmpeg missing checks of packet sizes, chunk sizes, and fragment positions] @@ -2254,7 +2254,8 @@ CVE-2006-6510 (An unspecified ActiveX control in SiteKiosk before 6.5.150 is ... CVE-2006-6509 (Cross-site scripting (XSS) vulnerability in the skinning feature in ...) NOT-FOR-US: SiteKiosk CVE-2006-6508 (Cross-site request forgery (CSRF) vulnerability in phpBB 2.0.21 allows ...) - - phpbb2 <unfixed> (bug #402140; low) + NOTE: This is covered/duped by CVE-2006-6841 + - phpbb2 2.0.21-6 CVE-2006-6507 (Mozilla Firefox 2.0 before 2.0.0.1 allows remote attackers to bypass ...) NOTE: MFSA-2006-76 - iceweasel 2.0.0.1+dfsg-1 (high) @@ -2700,7 +2701,7 @@ CVE-2006-6333 (The tr_rx function in ibmtr.c for Linux kernel 2.6.19 assigns the - linux-2.6 <unfixed> [etch] - linux-2.6 <not-affected> (Only affects 2.6.19, introduced after 2.6.18) CVE-2006-6332 (Stack-based buffer overflow in net80211/ieee80211_wireless.c in ...) - - madwifi 1:0.9.2+r1842.20061207-2 (high; bug #402836) + - madwifi 1:0.9.2+r1842.20061207-2 (high; bug #402836; bug #402111) [etch] - madwifi <no-dsa> (Non-free not supported) CVE-2006-6331 (metaInfo.php in TorrentFlux 2.2, when $cfg["enable_file_priority"] is ...) - torrentflux 2.1-7 (bug #400582; medium) diff --git a/data/DSA/list b/data/DSA/list index fb0ef9929a..25d9392da5 100644 
--- a/data/DSA/list +++ b/data/DSA/list @@ -1,3 +1,9 @@ +[31 Jan 2007] DSA-1256-1 gtk+2.0 + {CVE-2007-0010} + [sarge] - gtk+2.0 2.6.4-3.2 +[31 Jan 2007] DSA-1255-1 libgtop2 + {CVE-2007-0235} + [sarge] - libgtop2 2.6.0-4sarge1 [27 Jan 2007] DSA-1254-1 bind9 {CVE-2007-0494} [sarge] - bind9 9.2.4-1sarge2 |
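Review bot: In the first data/CVE/list hunk (@@ -207,10 +207,10 @@), the two bind9 lines add their annotation as `(medium; bug #408432)`, while the chmlib context line at the top of the same hunk uses the opposite order, `(bug #408603; medium)`. Both orders already appear in the visible lines (torrentflux puts the bug first, madwifi the severity), so this is cosmetic, but settling on one order keeps the list easier to search.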
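Review bot: In the CVE-2006-6508 hunk of data/CVE/list (@@ -2254,7 +2254,8 @@), the new `- phpbb2 2.0.21-6` line drops both the bug reference and the severity that the removed line carried (`bug #402140; low`). If that bug is the one resolved in 2.0.21-6, keep it on the new line, for example `- phpbb2 2.0.21-6 (bug #402140; low)`; if it is tracked under CVE-2006-6841 instead, say so in the NOTE so the link from this entry to the bug report is not lost.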
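Review bot: In the data/DSA/list hunk, the two new entries reference CVE-2007-0010 and CVE-2007-0235, but none of the data/CVE/list hunks in this commit touch those CVE entries. The existing CVE-2007-0494 entry carries a `{DSA-1254-1}` back-reference, so please confirm that the matching `{DSA-1256-1}` and `{DSA-1255-1}` references end up on the two CVE entries, whether through a follow-up commit or through whatever step regenerates them.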