Re: [Secure-testing-commits] r7065 - data/CVE

To: nion@debian.org
Cc: debian-security-tracker@lists.debian.org
Subject: Re: [Secure-testing-commits] r7065 - data/CVE
From: Moritz Muehlenhoff <jmm@inutil.org>
Date: Tue, 23 Oct 2007 23:35:22 +0200
Message-id: <[🔎] 20071023213522.GA3544@galadriel.inutil.org>
In-reply-to: <E1Ik4Ut-00074m-Lm@alioth.debian.org>
References: <E1Ik4Ut-00074m-Lm@alioth.debian.org>

On Mon, Oct 22, 2007 at 09:07:39PM +0000, nion@alioth.debian.org wrote:
> Author: nion
> Date: 2007-10-22 21:07:39 +0000 (Mon, 22 Oct 2007)
> New Revision: 7065
> 
> Modified:
>    data/CVE/list
> Log:
> CVE-2007-5275 flashplugin-nonfree affected, unimportant
> 
> Modified: data/CVE/list
> ===================================================================
> --- data/CVE/list	2007-10-22 13:36:02 UTC (rev 7064)
> +++ data/CVE/list	2007-10-22 21:07:39 UTC (rev 7065)
> @@ -930,8 +930,8 @@
>  CVE-2007-5276 (Opera 9 drops DNS pins based on failed connections to irrelevant TCP ...)
>  	NOT-FOR-US: Opera
>  CVE-2007-5275 (The Adobe Macromedia Flash 9 plug-in allows remote attackers to cause ...)
> -	TODO: check
> -	NOTE: not really clear if the whole 9.x series is affected
> +	- flashplugin-nonfree <unfixed> (unimportant)
> +	NOTE: this package just downloads it from adobe.com, they are working on the problem

In the past the flashplugin-nonfree package downloaded a specific
version and needed regular updates. If that is still the case, the
new entries should be made consistent with previous ones.

Cheers,
        Moritz

Reply to:

Prev by Date: Re: Bug#447734: libxul0d: vulnerable to CVE-2007-5339
Next by Date: mipsel and s390 missing for dsa-1362-2
Previous by thread: Re: Bug#447734: libxul0d: vulnerable to CVE-2007-5339
Next by thread: mipsel and s390 missing for dsa-1362-2
Index(es):
- Date
- Thread