[Secure-testing-commits] r3289 - in data: CVE DSA

Fri, 13 Jan 2006 02:57:36 -0800 

Author: jmm-guest
Date: 2006-01-13 10:57:06 +0000 (Fri, 13 Jan 2006)
New Revision: 3289

Modified:
   data/CVE/list
   data/DSA/list
Log:
two new DSAs


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2006-01-13 10:36:59 UTC (rev 3288)
+++ data/CVE/list       2006-01-13 10:57:06 UTC (rev 3289)
@@ -979,7 +979,7 @@
 CVE-2002-2208 (Extended Interior Gateway Routing Protocol (EIGRP), as 
implemented in ...)
        NOT-FOR-US: IOS
 CVE-2005-4348 (fetchmail before 6.3.1 and before 6.2.5.5, when configured for 
...)
-       - fetchmail <unfixed> (bug #343836; low)
+       - fetchmail 6.3.1-1 (bug #343836; low)
 CVE-2005-4418 [Default policy in util-vserver prior to 0.30.208 trusted 
unknown capabilities]
        RESERVED
        - util-vserver 0.30.208-1
@@ -2812,6 +2812,7 @@
        RESERVED
        {DSA-938-1 DSA-937-1 DSA-936-1 DSA-932-1 DSA-931-1}
        - kdegraphics 3.5.0-3
+       - gpdf <unfixed>
        - xpdf 3.01-4
        - koffice 1:1.4.2-6 (bug #342294)
        - libextractor 0.5.9-1
@@ -2819,6 +2820,7 @@
        {DSA-938-1 DSA-937-1 DSA-936-1 DSA-932-1 DSA-931-1}
        - poppler 0.4.3-2
        - kdegraphics 3.5.0-3
+       - gpdf <unfixed>
        - xpdf 3.01-4
        - koffice 1:1.4.2-6 (bug #342294)
        - libextractor 0.5.9-1
@@ -2827,6 +2829,7 @@
        - poppler 0.4.3-2
        - kdegraphics 3.5.0-3
        - xpdf 3.01-4
+       - gpdf <unfixed>
        - koffice 1:1.4.2-6 (bug #342294)
        - libextractor 0.5.9-1
 CVE-2005-3625 (Xpdf, as used in products such as gpdf, kpdf, pdftohtml, 
poppler, ...)
@@ -2834,11 +2837,13 @@
        - poppler 0.4.3-2
        - kdegraphics 3.5.0-3
        - xpdf 3.01-4
+       - gpdf <unfixed>
        - koffice 1:1.4.2-6 (bug #342294)
        - libextractor 0.5.9-1
 CVE-2005-3624 (The CCITTFaxStream::CCITTFaxStream function in Stream.cc for 
xpdf, ...)
        {DSA-938-1 DSA-937-1 DSA-936-1 DSA-932-1 DSA-931-1}
        - poppler 0.4.3-2
+       - gpdf <unfixed>
        - kdegraphics 3.5.0-3
        - xpdf 3.01-4
        - koffice 1:1.4.2-6 (bug #342294)

Modified: data/DSA/list
===================================================================
--- data/DSA/list       2006-01-13 10:36:59 UTC (rev 3288)
+++ data/DSA/list       2006-01-13 10:57:06 UTC (rev 3289)
@@ -1,3 +1,12 @@
+[13 Jan 2006] DSA-940-1 gpdf - buffer overflows
+       {CVE-2005-3191 CVE-2005-3192 CVE-2005-3624 CVE-2005-3625 CVE-2005-3626 
CVE-2005-3627 CVE-2005-3628}
+       [sarge] - gpdf 2.8.2-1.2sarge2
+       NOTE: Not fixed in testing at time of DSA (waiting on dep)
+[13 Jan 2006] DSA-939-1 fetchmail - programming error
+       {CVE-2005-4348}
+       [woody] - fetchmail <not-affected> (Vulnerable code not present)
+       [sarge] - fetchmail 6.2.5-12sarge4
+       NOTE: Not fixed in testing at time of DSA (unfixed in sid)
 [12 Jan 2006] DSA-938-1 koffice - buffer overflows
        {CVE-2005-3191 CVE-2005-3624 CVE-2005-3625 CVE-2005-3626 CVE-2005-3627 
CVE-2005-3628}
        [sarge] - koffice 1.3.5-4.sarge.2


_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

Reply via email to