[Secure-testing-commits] r3819 - data/CVE

Mon, 17 Apr 2006 09:28:48 -0700 

Author: stef-guest
Date: 2006-04-17 16:28:07 +0000 (Mon, 17 Apr 2006)
New Revision: 3819

Modified:
   data/CVE/list
Log:
linux kernel fixes
stlport5 fixed
python-cherrypy fixed
new kphone issue fixed
new resmgr issue fixed


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2006-04-15 21:14:32 UTC (rev 3818)
+++ data/CVE/list       2006-04-17 16:28:07 UTC (rev 3819)
@@ -1,5 +1,9 @@
 CVE-2006-XXXX [two amaya buffer overflows]
        - amaya <unfixed> (bug #362575)
+CVE-2006-XXXX [kphone stores SIP passwords in world readable files]
+       - kphone 4.2-3 (bug #337830)
+CVE-2006-XXXX [resmgr access restriction bypass]
+       - resmgr 1.0-4 (low)
 CVE-2006-1789 (Directory traversal vulnerability in pajax_call_dispatcher.php 
in ...)
        NOT-FOR-US: pajax
 CVE-2006-1788 (Adobe Document Server for Reader Extensions 6.0, during log on, 
...)
@@ -739,9 +743,9 @@
        RESERVED
        - linux-2.6 <unfixed>
 CVE-2006-1523 (The __group_complete_signal function in the RCU signal handling 
...)
-       - linux-2.6 <unfixed>
+       - linux-2.6 2.6.16-7
 CVE-2006-1522 (The sys_add_key function in the keyring code in Linux kernel 
2.6.16.1 ...)
-       - linux-2.6 <unfixed>
+       - linux-2.6 2.6.16-7
 CVE-2006-1521
        RESERVED
 CVE-2006-1520
@@ -1983,7 +1987,7 @@
 CVE-2006-0964 (Client Firewall in NCP Network Communication Secure Client 8.11 
Build ...)
        NOT-FOR-US: NCP Network Communication Secure Client
 CVE-2006-0963 (Multiple buffer overflows in STLport 5.0.2 might allow local 
users to ...)
-       - stlport5 <unfixed> (bug #358471; medium)
+       - stlport5 5.0.2-1 (bug #358471; medium)
 CVE-2006-0962 (SQL injection vulnerability in vuBB 0.2 allows remote attackers 
to ...)
        NOT-FOR-US: VuBB
 CVE-2006-0961 (SQL injection vulnerability in yazdir.asp in Cilem Hiber 1.1 
allows ...)
@@ -2239,7 +2243,7 @@
        NOT-FOR-US: Apple Safari
 CVE-2006-0847 (Directory traversal vulnerability in the staticfilter component 
in ...)
        - cherrypy2.1 2.1.1-1 (bug #353542)
-       - python-cherrypy <unfixed> (bug #354479)
+       - python-cherrypy 2.1.1-1 (bug #354479)
 CVE-2006-0846 (Multiple cross-site scripting (XSS) vulnerabilities in Leif M. 
...)
        NOT-FOR-US: Leif M. Wright's Blog
 CVE-2006-0845 (Leif M. Wright's Blog 3.5 allows remote authenticated users 
with ...)
@@ -2465,7 +2469,7 @@
        - xfree86 <not-affected>
 CVE-2006-0744 [x86_64: When user could have changed RIP always force IRET]
        RESERVED
-       - linux-2.6 <unfixed>
+       - linux-2.6 2.6.16-7
 CVE-2006-0743 (Format string vulnerability in LocalSyslogAppender in Apache 
log4net ...)
        NOT-FOR-US: Log4Net
 CVE-2006-0742 (The die_if_kernel function in arch/ia64/kernel/unaligned.c in 
Linux ...)


_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

Reply via email to