[Secure-testing-commits] r3808 - data/CVE

Fri, 14 Apr 2006 13:47:37 -0700 

Author: stef-guest
Date: 2006-04-14 20:47:04 +0000 (Fri, 14 Apr 2006)
New Revision: 3808

Modified:
   data/CVE/list
Log:
we have three versions of gnutls in sid, only one is fixed
xmame fixed


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2006-04-14 14:43:24 UTC (rev 3807)
+++ data/CVE/list       2006-04-14 20:47:04 UTC (rev 3808)
@@ -1,15 +1,15 @@
 CVE-2006-XXXX [two amaya buffer overflows]
        - amaya <unfixed> (bug #362575)
 CVE-2006-1789 (Directory traversal vulnerability in pajax_call_dispatcher.php 
in ...)
-       TODO: check
+       NOT-FOR-US: pajax
 CVE-2006-1788 (Adobe Document Server for Reader Extensions 6.0, during log on, 
...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2006-1787 (Adobe Document Server for Reader Extensions 6.0 includes a 
user's ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2006-1786 (Cross-site scripting (XSS) vulnerability in Adobe Document 
Server for ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2006-1785 (Adobe Document Server for Reader Extensions 6.0 allows remote 
...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2006-1784 (PHP remote file inclusion vulnerability in admin/configset.php 
in ...)
        TODO: check
 CVE-2006-1783 (Cross-site scripting (XSS) vulnerability in PatroNet CMS allows 
remote ...)
@@ -2692,7 +2692,9 @@
        {DSA-986-1 DSA-985-1}
        - libtasn1-2 <unfixed> (bug #352182)
        NOTE: upload of 0.3.1-1 was reverted in 1:0.2.17-2 because of soname 
change
-       - gnutls <unfixed>
+       - gnutls13 1.3.5-1
+       - gnutls12 <unfixed>
+       - gnutls11 <unfixed>
 CVE-2005-4715 (Multiple SQL injection vulnerabilities in modules.php in 
PHP-Nuke 7.8, ...)
        NOT-FOR-US: PHP-Nuke
 CVE-2005-4714 (Format string vulnerability in the vmps_log function in 
OpenVMPS (VLAN ...)
@@ -3907,7 +3909,7 @@
 CVE-2006-0177 (Multiple buffer overflows in Cray UNICOS 9.0.2.2 might allow 
local ...)
        NOT-FOR-US: Cray UNICOS
 CVE-2006-0176 (Buffer overflow in certain functions in src/fileio.c and ...)
-       - xmame <unfixed> (medium; bug #349653)
+       - xmame 0.104-1 (medium; bug #349653)
        NOTE: Only xmame-svgalib is vulnerable, the xmame-x package has a 
debconf
        NOTE: question, that makes it very clear that setuid root is only for 
single-user
        NOTE: systems and xmame-sdl and xmess aren't setuid at all


_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

Reply via email to