[Secure-testing-commits] r3667 - in data: CVE DSA

Moritz Muehlenhoff Thu, 23 Mar 2006 01:50:18 -0800

Author: jmm-guest
Date: 2006-03-23 09:49:37 +0000 (Thu, 23 Mar 2006)
New Revision: 3667


Modified:
   data/CVE/list
   data/DSA/list
Log:
sendmail DSA
firebird2 DSA
sa-exim fixed



Modified: data/CVE/list
===================================================================
--- data/CVE/list       2006-03-22 21:55:15 UTC (rev 3666)
+++ data/CVE/list       2006-03-23 09:49:37 UTC (rev 3667)
@@ -1,5 +1,3 @@
-CVE-2006-2043 [firebird2 remote DoS]
-       - firebird2 1.5.3.4870-3 (bug #357580)
 CVE-2006-1341 (SQL injection vulnerability in events.php in Maian Events 1.0 
allows ...)
        NOT-FOR-US: Maian Events
 CVE-2006-1340 (CuteNews 1.4.1 and possibly other versions allows remote 
attackers to ...)
@@ -177,7 +175,7 @@
 CVE-2006-1252 (Eval injection vulnerability in cal.php in Light Weight 
Calendar (LWC) ...)
        TODO: check
 CVE-2006-1251 (greylistclean.cron in sa-exim 4.2 allows remote attackers to 
delete ...)
-       - sa-exim <unfixed> (bug #345071; bug #356301)
+       - sa-exim 4.2.1-1 (bug #345071; bug #356301)
 CVE-2006-1250 (Unspecified vulnerability in the Webmail module in Winmail 
before 4.3 ...)
        TODO: check
 CVE-2006-1249 (** UNVERIFIABLE, PRERELEASE ** ...)
@@ -3106,9 +3104,9 @@
        RESERVED
 CVE-2006-0059
        RESERVED
-CVE-2006-0058 [sendmail integer overflows]
+CVE-2006-0058 [sendmail sighandler attacks]
        RESERVED
-       - sendmail <unfixed>
+       - sendmail 8.13.6-1 (high)
 CVE-2006-0057 (Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote 
attackers ...)
        NOT-FOR-US: Windows
 CVE-2006-0056 (Double-free vulnerability in the authentication and 
authentication ...)
@@ -13453,7 +13451,7 @@
 CVE-2004-2044 (PHP-Nuke 7.3, and other products that use the PHP-Nuke codebase 
such ...)
        NOT-FOR-US: no_package
 CVE-2004-2043 (Buffer overflow in ibserver for Firebird Database 1.0 and other 
...)
-       NOT-FOR-US: no_package
+       - firebird2 1.5.3.4870-3 (bug #357580)
 CVE-2004-2042 (Multiple SQL injection vulnerabilities in e107 0.615 allow 
remote ...)
        NOT-FOR-US: no_package
 CVE-2004-2041 (PHP remote code injection vulnerability in 
secure_img_render.php in ...)

Modified: data/DSA/list
===================================================================
--- data/DSA/list       2006-03-22 21:55:15 UTC (rev 3666)
+++ data/DSA/list       2006-03-23 09:49:37 UTC (rev 3667)
@@ -1,3 +1,10 @@
+[23 Mar 2006] DSA-1015-1 sendmail - programming error
+       {CVE-2006-0058}
+       [woody] - sendmail 8.12.3-7.2
+       [sarge] - sendmail 8.13.4-3sarge1
+[23 Mar 2006] DSA-1014-1 firebird2 - buffer overflow
+       {CVE-2004-2043}
+       [sarge] - firebird2 1.5.1-4sarge1
 [22 Mar 2006] DSA-1013-1 snmptrapfmt - insecure temporary file
        {CVE-2006-0050}
        [woody] - snmptrapfmt 1.03woody1


_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r3667 - in data: CVE DSA

Reply via email to