[Secure-testing-commits] r3668 - data/CVE

Moritz Muehlenhoff Thu, 23 Mar 2006 02:25:48 -0800

Author: jmm-guest
Date: 2006-03-23 10:24:34 +0000 (Thu, 23 Mar 2006)
New Revision: 3668


Modified:
   data/CVE/list
Log:
mark three flash issues as no-dsa
readjust older icecast issues upstream has evaluated as non-issues


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2006-03-23 09:49:37 UTC (rev 3667)
+++ data/CVE/list       2006-03-23 10:24:34 UTC (rev 3668)
@@ -4668,6 +4668,7 @@
        RESERVED
 CVE-2006-0024 (Multiple unspecified vulnerabilities in Adobe Flash Player 
8.0.22.0 ...)
        - flashplugin-nonfree 7.0.61-4 (bug #357038; bug #357105)
+       [sarge] - flashplugin-nonfree <no-dsa> (Only affects proprietary Flash 
plugin)
 CVE-2006-0023 (Microsoft Windows XP SP1 and SP2 before August 2004, and 
possibly ...)
        NOT-FOR-US: Microsoft
 CVE-2006-0022
@@ -5685,6 +5686,7 @@
        NOT-FOR-US: CuteNews
 CVE-2005-3591 (Macromedia Flash plugin (1) Flash.ocx 7.0.19.0 (Windows) and 
earlier ...)
        - flashplugin-nonfree 7.0.61-1 (bug #339290; high)
+       [sarge] - flashplugin-nonfree <no-dsa> (Only affects proprietary Flash 
plugin)
 CVE-2005-3589 (Buffer overflow in FileZilla Server Terminal 0.9.4d may allow 
remote ...)
        NOT-FOR-US: FileZilla
 CVE-2005-3588 (SQL injection vulnerability in admin.php in Advanced Guestbook 
2.2 ...)
@@ -8597,6 +8599,7 @@
        - helix-player 1.0.6-1 (bug #340270; medium)
 CVE-2005-2628 (Macromedia Flash 6 and 7 (Flash.ocx) allows remote attackers to 
...)
        - flashplugin-nonfree 7.0.61-1.1 (bug #339290; high)
+       [sarge] - flashplugin-nonfree <no-dsa> (Only affects proprietary Flash 
plugin)
 CVE-2005-2627 (Multiple integer underflows in Kismet before 2005-08-R1 allow 
remote ...)
        {DSA-788-1 DTSA-1-1}
        - kismet 2005.08.R1-1 (bug #323386; high)
@@ -15847,9 +15850,11 @@
        - linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.11)
        [sarge] - kernel-source-2.6.8 2.6.8-16
 CVE-2005-0838 (Multiple buffer overflows in the XSL parser for IceCast 2.20 
may allow ...)
-       - icecast2 <unfixed> (bug #301368; low)
+       - icecast2 <unfixed> (bug #301368; unimportant)
+       NOTE: According to upstream a non-issue
 CVE-2005-0837 (IceCast 2.20 allows remote attackers to bypass the XSL parser 
and ...)
-       - icecast2 <unfixed> (bug #301368; low)
+       - icecast2 <unfixed> (bug #301368; unimportant)
+       NOTE: According to upstream a non-issue
 CVE-2005-0836 (Argument injection vulnerability in Java Web Start for J2SE 
1.4.2 up ...)
        NOT-FOR-US: Java Web Start for proprietary Sun Java
 CVE-2005-0835 (The SNMP service in the Belkin 54G (F5D7130) wireless router 
allows ...)


_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r3668 - data/CVE

Reply via email to