[Secure-testing-commits] r3283 - in data: CVE DSA

Micah Anderson Thu, 12 Jan 2006 10:59:54 -0800

Author: micah
Date: 2006-01-12 18:59:23 +0000 (Thu, 12 Jan 2006)
New Revision: 3283


Modified:
   data/CVE/list
   data/DSA/list
Log:
DSA-935-1 and DSA-930-2


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2006-01-12 15:44:24 UTC (rev 3282)
+++ data/CVE/list       2006-01-12 18:59:23 UTC (rev 3283)
@@ -283,7 +283,9 @@
        - linux-2.6 <unfixed>
        NOTE: Added patch tracker template
 CVE-2006-0083 (Format string vulnerability in the logging code of SMS Server 
Tools ...)
-       {DSA-930-1}
+       {DSA-930-2}
+       [woody] - smstools 1.5.0-2woody0
+       [sarge] - smstools 1.14.8-1sarge0
        - smstools <unfixed> (bug #347221; medium)
 CVE-2006-0106 (gdi/driver.c and gdi/printdrv.c in Wine 20050930, and other 
versions, ...)
        {CVE-2005-4560}
@@ -2745,6 +2747,8 @@
 CVE-2005-3657 (The ActiveX control in MCINSCTL.DLL for McAfee VirusScan 
Security ...)
        NOT-FOR-US: McAfee
 CVE-2005-3656 (Multiple format string vulnerabilities in logging functions in 
...)
+       {DSA-935-1}
+       [sarge] - libapache2-mod-auth-pgsql 2.0.2b1-5sarge0
        - libapache2-mod-auth-pgsql 2.0.2b1-7
        - libapache-mod-auth-pgsql <not-affected> (Does not contain the 
vulnerable ap_log_rerror() function)
 CVE-2005-3655

Modified: data/DSA/list
===================================================================
--- data/DSA/list       2006-01-12 15:44:24 UTC (rev 3282)
+++ data/DSA/list       2006-01-12 18:59:23 UTC (rev 3283)
@@ -11,6 +11,10 @@
        {CVE-2005-2097 CVE-2005-3191 CVE-2005-3192 CVE-2005-3193 CVE-2005-3624 
CVE-2005-3625 CVE-2005-3626 CVE-2005-3627 CVE-2005-3628}
        [sarge] - libextractor 0.4.2-2sarge2
        NOTE: Fixed in testing at time of DSA
+[10 Jan 2006] DSA-935-1 libapache2-mod-auth-pgsql - format string vulnerability
+       {CVE-2005-3656}
+       [sarge] - libapache2-mod-auth-pgsql 2.0.2b1-5sarge0
+       NOTE: Not fixed in sid at the time of DSA
 [09 Jan 2006] DSA-934-1 pound - remote
        {CVE-2005-1391 CVE-2005-3751}
        [sarge] - pound 1.8.2-1sarge1
@@ -27,6 +31,11 @@
         {CVE-2005-3191 CVE-2005-3192 CVE-2005-3193 CVE-2005-3624 CVE-2005-3625 
CVE-2005-3626 CVE-2005-3627 CVE-2005-3628}
        [woody] - xpdf 1.00-3.8
        [sarge] - xpdf 3.00-13.4
+[10 Jan 2006] DSA-930-2 smstools - format string attack
+       {CVE-2006-0083}
+       [woody] smstools - 1.5.0-2woody0
+       [sarge] smstools - 1.14.8-1sarge0
+       NOTE: not fixed in sid at time of DSA
 [09 Jan 2006] DSA-930-1 smstools - format string error
         {CVE-2006-0083}
         [sarge] - smstools 1.14.8-1sarge0


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r3283 - in data: CVE DSA

Reply via email to