[Secure-testing-commits] r2720 - in data: CVE DSA

Moritz Muehlenhoff Fri, 11 Nov 2005 06:14:40 -0800

Author: jmm-guest
Date: 2005-11-11 14:14:10 +0000 (Fri, 11 Nov 2005)
New Revision: 2720


Modified:
   data/CVE/list
   data/DSA/list
Log:
convert june 2004 to the new format


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2005-11-11 10:58:46 UTC (rev 2719)
+++ data/CVE/list       2005-11-11 14:14:10 UTC (rev 2720)
@@ -14474,6 +14474,7 @@
        NOT-FOR-US: Linksys routers
 CVE-2004-0579 (Format string vulnerability in super before 3.23 allows local 
users to ...)
        {DSA-522}
+       - super 3.23.0-1
 CVE-2004-0578 (WinGate 5.2.3 build 901 and 6.0 beta 2 build 942, and other 
versions ...)
        NOT-FOR-US: Wingate
 CVE-2004-0577 (WinGate 5.2.3 build 901 and 6.0 beta 2 build 942, and other 
versions ...)
@@ -14551,6 +14552,7 @@
        - aspell 0.50.5-3
 CVE-2004-0547 (Buffer overflow in the ODBC driver for PostgreSQL before 7.2.1 
allows ...)
        {DSA-516}
+       - postgresql 07.03.0200-3
 CVE-2004-0546
        RESERVED
 CVE-2004-0545 (LVM for AIX 5.1 and 5.2 allows local users to overwrite 
arbitrary ...)
@@ -14600,8 +14602,10 @@
        NOT-FOR-US: Change_passwd SquirrelMail plugin not present in debian
 CVE-2004-0523 (Multiple buffer overflows in krb5_aname_to_localname for MIT 
Kerberos ...)
        {DSA-520}
+       - krb5 1.3.3-2
 CVE-2004-0522 (Gallery 1.4.3 and earlier allows remote attackers to bypass ...)
        {DSA-512}
+       - gallery 1.4.3-pl2-1
 CVE-2004-0521 (SQL injection vulnerability in SquirrelMail before 1.4.3 RC1 
allows ...)
        {DSA-535}
        - squirrelmail 2:1.4.3a-0.1
@@ -14750,9 +14754,10 @@
        - pavuk 0.9pl28-3 (bug #264684)
 CVE-2004-0455 (Buffer overflow in cgi.c in www-sql before 0.5.7 allows local 
users to ...)
        {DSA-523}
+       - www-sql 0.5.7-18
 CVE-2004-0454 (Buffer overflow in the msg function for rlpr daemon (rlprd) 
2.04 ...)
        {DSA-524}
-       - rlpr 2.05-1 (bug #255402)
+       - rlpr 2.02-7.1 (bug #255402)
 CVE-2004-0453 (Format string vulnerability in the monitor &quot;memory 
dump&quot; command in ...)
        - vice 1.14-2
 CVE-2004-0452 (Race condition in the rmtree function in the File::Path module 
in Perl ...)
@@ -14760,8 +14765,10 @@
        - perl 5.8.4-5
 CVE-2004-0451 (Multiple format string vulnerabilities in the (1) logquit, (2) 
logerr, ...)
        {DSA-521}
+       - sup 1.8-11
 CVE-2004-0450 (Format string vulnerability in the printlog function in 
log2mail ...)
        {DSA-513}
+       - log2mail 0.2.8-3
 CVE-2004-0449
        RESERVED
 CVE-2004-0448 (Format string vulnerability in the log function for jftpgw 
0.13.4 and ...)
@@ -14849,6 +14856,7 @@
        - mailman 2.1.4-5
 CVE-2004-0411 (The URI handlers in Konqueror for KDE 3.2.2 and earlier do not 
...)
        {DSA-518}
+       - kdelibs 4:3.2.3
 CVE-2004-0410
        RESERVED
        NOTE: An empty CVE, never published.
@@ -14895,6 +14903,7 @@
        NOTE: not fixed in 2.4.27 by inspection, didn't bother with a bug
 CVE-2004-0393 (Format string vulnerability in the msg function for rlpr daemon 
...)
        {DSA-524}
+       - rlpr 2.02-7.1 (bug #255402)
 CVE-2004-0392 (racoon before 20040407b allows remote attackers to cause a 
denial of ...)
        - apache 1.3.31-2
 CVE-2004-0391 (Cisco Wireless LAN Solution Engine (WLSE) 2.0 through 2.5 and 
Hosting ...)
@@ -15187,8 +15196,10 @@
        NOT-FOR-US: thePHOTOtool
 CVE-2004-0235 (Multiple directory traversal vulnerabilities in LHA 1.14 allow 
remote ...)
        {DSA-515}
+       - lha 1.14i-8
 CVE-2004-0234 (Multiple stack-based buffer overflows in the get_header 
function in ...)
        {DSA-515}
+       - lha 1.14i-8
 CVE-2004-0233 (Utempter allows device names that contain .. (dot dot) 
directory ...)
        NOT-FOR-US: utempter
 CVE-2004-0232 (Multiple format string vulnerabilities in Midnight Commander 
(mc) ...)
@@ -18832,6 +18843,7 @@
        TODO: test
 CVE-2004-0077 (The do_mremap function for the mremap system call in Linux 2.2 
to ...)
        {DSA-514 DSA-475 DSA-470 DSA-466 DSA-456 DSA-454 DSA-453 DSA-450 
DSA-444 DSA-442 DSA-441 DSA-440 DSA-439 DSA-438}
+       - kernel-source-2.2.20 <removed>
 CVE-2004-0075 (The Vicam USB driver in Linux before 2.4.25 does not use the 
...)
        - kernel-source-2.4.24 2.4.24-3
        NOTE: fixed in 2.4.26-pre3

Modified: data/DSA/list
===================================================================
--- data/DSA/list       2005-11-11 10:58:46 UTC (rev 2719)
+++ data/DSA/list       2005-11-11 14:14:10 UTC (rev 2720)
@@ -1512,49 +1512,46 @@
        [woody] - webmin 0.94-7woody2
 [24 Jun 2004] DSA-525 apache - buffer overflow
        {CVE-2004-0492}
-       - apache 1.3.31-2
+       [woody] - apache 1.3.26-0woody5
 [19 Jun 2004] DSA-524 rlpr - several vulnerabilities
        {CVE-2004-0393 CVE-2004-0454}
-       - rlpr 2.02-7.1 (bug #255402)
+       [woody] - rlpr 2.02-7woody1
 [19 Jun 2004] DSA-523 www-sql - buffer overflow
        {CVE-2004-0455}
-       - www-sql 0.5.7-18
+       [woody] - www-sql 0.5.7-17woody1
 [19 Jun 2004] DSA-522 super - format string vulnerability
        {CVE-2004-0579}
-       - super 3.23.0-1
+       [woody] - super 3.16.1-1.2
 [18 Jun 2004] DSA-521 sup - format string vulnerability
        {CVE-2004-0451}
-       - sup 1.8-11
+       [woody] - sup 1.8-8woody2
 [16 Jun 2004] DSA-520 krb5 - buffer overflows
        {CVE-2004-0523}
-       - krb5 1.3.3-2
+       [woody] - krb5 1.2.4-5woody5
 [15 Jun 2004] DSA-519 cvs - several vulnerabilities
        {CVE-2004-0416 CVE-2004-0417 CVE-2004-0418}
-       - cvs 1:1.12.9-1
+       [woody] - cvs 1.11.1p1debian-9woody7
 [14 Jun 2004] DSA-518 kdelibs - unsanitised input
        {CVE-2004-0411}
-       - kdelibs 4:3.2.3
+       [woody] - kdelibs 2.2.2-13.woody.10
 [10 Jun 2004] DSA-517 cvs - buffer overflow
        {CVE-2004-0414}
-       - cvs 1:1.12.9-1
+       [woody] - cvs 1.11.1p1debian-9woody6
 [07 Jun 2004] DSA-516 postgresql - buffer overflow
        {CVE-2004-0547}
-       - postgresql 07.03.0200-3.
+       [woody] - postgresql 7.2.1-2woody5
 [05 Jun 2004] DSA-515 lha - several vulnerabilities
        {CVE-2004-0234 CVE-2004-0235}
-       - lha 1.14i-8
-       NOTE: If 1.14i-8 cannot get into testing, the fix for 1.14i-2.0.1
-       NOTE: from the DSA could to updated via t-p-u.
+       [woody] - lha 1.14i-2woody1
 [04 Jun 2004] DSA-514 kernel-image-sparc-2.2 - failing function and TLB flush
        {CVE-2004-0077}
-       - kernel-image-sparc-2.2 9.1
-       NOTE: did not check other versions of the kernel
+       [woody] - kernel-source-2.2.20 2.2.20-5woody3
 [03 Jun 2004] DSA-513 log2mail - format string
        {CVE-2004-0450}
-       - log2mail 0.2.8-3
+       [woody] - log2mail 0.2.5.2
 [02 Jun 2004] DSA-512 gallery - unauthenticated access
        {CVE-2004-0522}
-       - gallery 1.4.3-pl2-1
+       [woody] - gallery 1.2.5-8woody2
 [30 May 2004] DSA-511 ethereal - buffer overflows
        {CVE-2004-0176}
        - ethereal 0.10.3-1


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r2720 - in data: CVE DSA

Reply via email to