[Secure-testing-commits] r3545 - in data: CVE DSA

Tue, 28 Feb 2006 06:48:49 -0800 

Author: jmm-guest
Date: 2006-02-28 14:47:47 +0000 (Tue, 28 Feb 2006)
New Revision: 3545

Modified:
   data/CVE/list
   data/DSA/list
Log:
three new DSA
no-dsa for obscure MIT kerberos info leaks


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2006-02-26 21:53:35 UTC (rev 3544)
+++ data/CVE/list       2006-02-28 14:47:47 UTC (rev 3545)
@@ -16057,7 +16057,11 @@
 CVE-2005-0488 (Certain BSD-based Telnet clients, including those used on 
Solaris and ...)
        TODO: check heimdal, netkit-telnet-ssl
        - krb4 <unfixed> (low)
+       [woody] - krb4 <no-dsa> (Documented behaviour in MIT Kerberos)
+       [sarge] - krb4 <no-dsa> (Documented behaviour in MIT Kerberos)
        - krb5 <unfixed> (low)
+       [woody] - krb5 <no-dsa> (Documented behaviour in MIT Kerberos)
+       [sarge] - krb5 <no-dsa> (Documented behaviour in MIT Kerberos)
        - netkit-telnet <not-affected> (netkit-telnet is not affected)
 CVE-2004-1639 (Mozilla Firefox before 0.10, Mozilla 5.0, and Gecko 20040913 
allows ...)
        NOTE: This is not a real security issue; it just describes the fact 
that the Gecko

Modified: data/DSA/list
===================================================================
--- data/DSA/list       2006-02-26 21:53:35 UTC (rev 3544)
+++ data/DSA/list       2006-02-28 14:47:47 UTC (rev 3545)
@@ -1,3 +1,16 @@
+[27 Feb 2006] DSA-983-1 pdftohtml - several
+       {CVE-2005-3191 CVE-2005-3193 CVE-2006-0301}
+       [sarge] - pdftohtml 0.36-11sarge2
+       NOTE: sid is not affected, just a revamp of previous patches
+[27 Feb 2006] DSA-982-1 gpdf - several
+       {CVE-2005-3191 CVE-2005-3193 CVE-2006-0301}
+       [sarge] - pgdf 2.8.2-1.2sarge4
+       NOTE: sid is not affected, just a revamp of previous patches
+[26 Feb 2006] DSA-981-1 bmv - integer overflow
+       {CVE-2005-3278}
+       [woody] - bmv 1.2-14.3
+       [sarge] - bmv 1.2-17sarge1
+       NOTE: fixed in testing at the time of DSA
 [22 Feb 2006] DSA-980-1 tutos - several
        {CVE-2004-2161 CVE-2004-2162}
        [sarge] - tutos 1.1.20031017-2+1sarge1


_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

Reply via email to