[Secure-testing-commits] r3754 - data/CVE

Moritz Muehlenhoff Wed, 05 Apr 2006 07:38:22 -0700

Author: jmm-guest
Date: 2006-04-05 14:37:37 +0000 (Wed, 05 Apr 2006)
New Revision: 3754


Modified:
   data/CVE/list
Log:
merge recent shadow/base-config issue, remove mysterious
   reference to reserved old CVE ID
no-dsa for minor honeyd leak
kaffeine fixed in experimental


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2006-04-05 10:19:28 UTC (rev 3753)
+++ data/CVE/list       2006-04-05 14:37:37 UTC (rev 3754)
@@ -1,3 +1,5 @@
+CVE-2006-XXXX [openvpn missing setenv sanitising]
+       - openvpn <unfixed> (bug #360559; medium)
 CVE-2006-1614 [clamav 0.88.1 integer overflow]
        - clamav 0.88.1-1
 CVE-2006-XXXX [clamav 0.88.1 fix possible crash in cli_bitset_test()]
@@ -506,7 +508,8 @@
 CVE-2006-1377 (Cross-site scripting (XSS) vulnerability in img.php in (1) 
EasyMoblog ...)
        NOT-FOR-US: EasyMoblog
 CVE-2006-1376 (The installation of Debian GNU/Linux 3.1r1 from the network 
install CD ...)
-       - passwd 1:4.0.14-9 (bug #358210; bug #356939)
+       - shadow 1:4.0.14-9 (bug #358210; bug #356939)
+       - base-config 2.68 (bug #254068; low)
 CVE-2006-1375 (AdMan 1.0.20051221 and earlier allows remote attackers to 
obtain the ...)
        NOT-FOR-US: AdMan
 CVE-2006-1374 (SQL injection vulnerability in viewStatement.php in AdMan 
1.0.20051221 ...)
@@ -1858,6 +1861,7 @@
        NOT-FOR-US: Microsoft
 CVE-2006-0752 (Niels Provos Honeyd before 1.5 replies to certain illegal IP 
packet ...)
        - honeyd <unfixed> (bug #353064; low)
+       [sarge] - honeyd <no-dsa> (Too insignificant)
 CVE-2006-0751 (Multiple unspecified vulnerabilities in the (1) Filesystem in 
...)
        TODO: check
 CVE-2006-0750 (SQL injection vulnerability in index.php in supersmashbrothers 
(SSB) ...)
@@ -3749,8 +3753,9 @@
        - libimager-perl <unfixed> (bug #359661)
 CVE-2006-0052 (The attachment scrubber (Scrubber.py) in Mailman 2.1.5 and 
earlier, ...)
        - mailman <unfixed> (bug #358892)
-CVE-2006-0051
+CVE-2006-0051 [kaffeine ram buffer overflow]
        RESERVED
+       - kaffeine 0.8-1
 CVE-2006-0050 (snmptrapfmt in Debian 3.0 allows local users to overwrite 
arbitrary ...)
        {DSA-1013-1}
        - snmptrapfmt 1.10
@@ -11431,10 +11436,8 @@
        NOT-FOR-US: Online Recruitment Agency
 CVE-2004-2155 (Online-bookmarks before 0.4.6 allows remote attackers to bypass 
its ...)
        NOT-FOR-US: Online-bookmarks
-CVE-2005-2348 [base-config log should not be world readable]
+CVE-2005-2348
        RESERVED
-       - base-config 2.68 (bug #254068; low)
-       NOTE: Sarge and Woody affected
 CVE-2005-2169 (Directory traversal vulnerability in source.php in Quick &amp; 
Dirty ...)
        NOT-FOR-US: PHPSource Printer
 CVE-2005-2168 (delete.php in Plague News System 0.6 and earlier allows remote 
...)


_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r3754 - data/CVE

Reply via email to