Author: stef-guest
Date: 2006-05-02 18:16:08 +0000 (Tue, 02 May 2006)
New Revision: 3909
Modified:
data/CVE/list
Log:
remove old -XXXX entries that now have a CVE:
amaya CVE-2006-1900
cyrus-sasl2 CVE-2006-1721
wordpress CVE-2006-1796
add some epochs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-05-02 17:45:00 UTC (rev 3908)
+++ data/CVE/list 2006-05-02 18:16:08 UTC (rev 3909)
@@ -747,10 +747,8 @@
- mozilla-firefox <not-affected> (problematic fix not backported into
1.0.4-2sarge5)
CVE-2005-4785 (Cross-site scripting (XSS) vulnerability in QuickBlogger 1.4
and ...)
NOT-FOR-US: QuickBlogger
-CVE-2006-XXXX [two amaya buffer overflows]
- - amaya <unfixed> (bug #362575)
CVE-2006-XXXX [kphone stores SIP passwords in world readable files]
- - kphone 4.2-3 (bug #337830; low)
+ - kphone 1:4.2-3 (bug #337830; low)
CVE-2006-XXXX [resmgr access restriction bypass]
- resmgr 1.0-4 (low)
CVE-2006-1789 (Directory traversal vulnerability in pajax_call_dispatcher.php
in ...)
@@ -1116,8 +1114,6 @@
NOT-FOR-US: MAXdev MD-Pro
CVE-2006-1676 (SQL injection vulnerability in the display function in the
Topics ...)
NOT-FOR-US: MAXdev MD-Pro
-CVE-2006-XXXX [Cyrus SASL DIGEST-MD5 Pre-Authentication Denial of Service]
- - cyrus-sasl2 <unfixed> (bug #361937)
CVE-2006-1675 (Multiple cross-site scripting (XSS) vulnerabilities in
PHPWebGallery ...)
NOT-FOR-US: PHPWebGallery
CVE-2006-1674 (Cross-site scripting (XSS) vulnerability in search.php in ...)
@@ -2956,7 +2952,7 @@
CVE-2003-1294 (Xscreensaver before 4.15 creates temporary files insecurely in
(1) ...)
- xscreensaver 4.15-1
CVE-2006-0883 (OpenSSH on FreeBSD 5.3 and 5.4, when used with OpenPAM, does
not ...)
- - openssh 3.8.1p1-4
+ - openssh 1:3.8.1p1-4
[woody] - openssh <not-affected>
CVE-2006-0882 (Directory traversal vulnerability in include.php in Noah's
Classifieds ...)
NOT-FOR-US: Noah's Classifieds
@@ -3124,7 +3120,7 @@
CVE-2006-0805 (The CAPTCHA functionality in php-Nuke 6.0 through 7.9 uses
fixed ...)
NOT-FOR-US: php-Nuke
CVE-2006-0804 (Off-by-one error in TIN 1.8.0 and earlier might allow attackers
to ...)
- - tin 1.8.1
+ - tin 1:1.8.1
CVE-2006-0803 (The signature verification functionality in the YaST Online
Update ...)
NOT-FOR-US: YaSt Online Update
CVE-2006-0802 (Cross-site scripting (XSS) vulnerability in the NS-Languages
module ...)
@@ -3511,8 +3507,6 @@
CVE-2006-XXXX [dpkg-sig: insecure temp file bug]
- dpkg-sig 0.13 (bug #352723; low)
[sarge] - dpkg-sig <no-dsa> (Only affected in debug mode)
-CVE-2006-XXXX [Wordpress XSS]
- - wordpress 2.0.1-1 (bug #328909)
CVE-2006-XXXX [pioneers meta-server DoS]
- pioneers 0.9.55-1 (bug #351986; medium)
[sarge] - gnocatan <not-affected> (Not exploitable in Sarge per
maintainer)
@@ -7553,7 +7547,7 @@
- sysvconfig <not-affected> (sudo cleans env anyway)
CVE-2005-3628 (Buffer overflow in the JBIG2Bitmap::JBIG2Bitmap function in ...)
{DSA-962-1 DSA-961-1 DSA-950-1 DSA-940-1 DSA-938-1 DSA-937-1 DSA-936-1
DSA-932-1 DSA-931-1 DTSA-28-1}
- - kdegraphics 3.5.0-3
+ - kdegraphics 4:3.5.0-3
- gpdf 2.10.0-2 (bug #342286)
- xpdf 3.01-4
- koffice 1:1.4.2-6 (bug #342294)
@@ -7564,7 +7558,7 @@
{DSA-962-1 DSA-961-1 DSA-950-1 DSA-940-1 DSA-938-1 DSA-937-1 DSA-936-1
DSA-932-1 DSA-931-1 DTSA-28-1}
- poppler 0.4.4-1 (bug #346076)
- tetex <not-affected> (Links dynamically to poppler)
- - kdegraphics 3.5.0-3
+ - kdegraphics 4:3.5.0-3
- gpdf 2.10.0-2 (bug #342286)
- xpdf 3.01-4
- koffice 1:1.4.2-6 (bug #342294)
@@ -7574,7 +7568,7 @@
CVE-2005-3626 (Xpdf, as used in products such as gpdf, kpdf, pdftohtml,
poppler, ...)
{DSA-962-1 DSA-961-1 DSA-950-1 DSA-940-1 DSA-938-1 DSA-937-1 DSA-936-1
DSA-932-1 DSA-931-1 DTSA-28-1}
- poppler 0.4.3-2
- - kdegraphics 3.5.0-3
+ - kdegraphics 4:3.5.0-3
- xpdf 3.01-4
- gpdf 2.10.0-2 (bug #342286)
- koffice 1:1.4.2-6 (bug #342294)
@@ -7585,7 +7579,7 @@
{DSA-962-1 DSA-961-1 DSA-950-1 DSA-940-1 DSA-938-1 DSA-937-1 DSA-936-1
DSA-932-1 DSA-931-1 DTSA-28-1}
- poppler 0.4.4-1 (bug #346076)
- tetex <not-affected> (Links dynamically to poppler)
- - kdegraphics 3.5.0-3
+ - kdegraphics 4:3.5.0-3
- xpdf 3.01-4
- gpdf 2.10.0-2 (bug #342286)
- koffice 1:1.4.2-6 (bug #342294)
@@ -7597,7 +7591,7 @@
- poppler 0.4.4-1 (bug #346076)
- tetex <not-affected> (Links dynamically to poppler)
- gpdf 2.10.0-2 (bug #342286)
- - kdegraphics 3.5.0-3
+ - kdegraphics 4:3.5.0-3
- xpdf 3.01-4
- koffice 1:1.4.2-6 (bug #342294)
- libextractor 0.5.9-1
@@ -19428,7 +19422,7 @@
CVE-2005-0460 (index.php in MercuryBoard 1.0.x and 1.1.x allows remote
attackers to ...)
NOT-FOR-US: MercuryBoard
CVE-2005-0459 (phpMyAdmin 2.6.2-dev, and possibly earlier versions, allows
remote ...)
- - phpmyadmin 2.6.2 (unimportant)
+ - phpmyadmin 4:2.6.2 (unimportant)
NOTE: From maintainer Piotr Roszatycki <[EMAIL PROTECTED]> :
NOTE: I think it is not a problem on Debian as far as everybody knows
the full
NOTE: path of phpMyAdmin is /usr/share/phpmyadmin.
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
