[Secure-testing-team] [Secure-testing-commits] r12708 - data/CVE
Nico Golde
debian-secure-testing+ml at ngolde.de
Sun Aug 30 22:23:00 UTC 2009
Hi,
* Michael Gilbert <gilbert-guest at alioth.debian.org> [2009-08-30 19:06]:
> Author: gilbert-guest
> Date: 2009-08-30 17:09:16 +0000 (Sun, 30 Aug 2009)
> New Revision: 12708
>
> Modified:
> data/CVE/list
> Log:
> beginning of embedded code copies triage (5 down 395 to go)
>
> Modified: data/CVE/list
> ===================================================================
> --- data/CVE/list 2009-08-30 03:00:07 UTC (rev 12707)
> +++ data/CVE/list 2009-08-30 17:09:16 UTC (rev 12708)
> @@ -1286,6 +1286,7 @@
> CVE-2009-2660 (Multiple integer overflows in CamlImages 2.2 might allow ...)
> {DSA-1857-1}
> - camlimages 1:3.0.1-3 (medium; bug #540146)
> + - advi <not-affected> (affected code section not present in advi code copy of camlimages)
> CVE-2009-2657 (nilfs-utils before 2.0.14 installs multiple programs with unnecessary ...)
> - nilfs2-tools <not-affected> (dh_fixperms removes the setuid and setgid bits from all files)
> CVE-2009-2656 (Unspecified vulnerability in the com.android.phone process in Android ...)
> @@ -1303,6 +1304,8 @@
> CVE-2009-XXXX [VLC: integer underflow in Real RTSP]
> - vlc 1.0.1-1
> - mplayer <unfixed>
> + - xine-lib <unfixed>
> + NOTE: affected mplayer code copy present in xine-lib
Did you only check if the code is present or also if it's
used?
Cheers
Nico
--
Nico Golde - http://www.ngolde.de - nion at jabber.ccc.de - GPG: 0xA0A0AAAA
For security reasons, all text in this mail is double-rot13 encrypted.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20090831/9ee4eaec/attachment.pgp>
More information about the Secure-testing-team
mailing list