[Secure-testing-commits] r3978 - data/CVE

Fri, 19 May 2006 06:56:13 -0700 

Author: alec-guest
Date: 2006-05-19 13:55:35 +0000 (Fri, 19 May 2006)
New Revision: 3978

Modified:
   data/CVE/list
Log:
* found fixed versions of hamlib and mozilla-thunderbird
* opened bug for twiki


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2006-05-19 09:28:16 UTC (rev 3977)
+++ data/CVE/list       2006-05-19 13:55:35 UTC (rev 3978)
@@ -2361,7 +2361,7 @@
        - tcpquota <unfixed> (bug #358369; low)
        [sarge] - tcpquota <no-dsa> (Only exploitable with strange AFS cell 
name)
 CVE-2006-XXXX [hamlib3-perl rpath set to user home]
-       - hamlib <unfixed> (bug #358166; low)
+       - hamlib 1.2.5-3 (bug #358166; low)
        [sarge] - hamlib <no-dsa> (Only exploitable with strange user name)
 CVE-2006-1550 (Multiple buffer overflows in the xfig import code 
(xfig-import.c) in ...)
        {DSA-1025-1}
@@ -2593,7 +2593,7 @@
 CVE-2006-1388 (Unspecified vulnerability in Microsoft Internet Explorer 6.0 
allows ...)
        NOT-FOR-US: Internet Explorer
 CVE-2006-1387 (TWiki 4.0, 4.0.1, and 20010901 through 20040904 allows remote 
...)
-       - twiki <unfixed>
+       - twiki <unfixed> (bug #367973)
        TODO: see if fw's patch secures this in Debian
 CVE-2006-1386 (The (1) rdiff and (2) preview scripts in TWiki 4.0 and 4.0.1 
ignore ...)
        - twiki <not-affected> (only affects 4.0.0 - 4.1.0, version in Debian 
too young) 
@@ -5303,7 +5303,7 @@
 CVE-2006-0237 (Cross-site scripting (XSS) vulnerability in index.php in GTP 
iCommerce ...)
        NOT-FOR-US: GTP iCommerce
 CVE-2006-0236 (GUI display truncation vulnerability in Mozilla Thunderbird 
1.0.2, ...)
-       - mozilla-thunderbird <unfixed> (bug #349242; bug #363777; medium)
+       - mozilla-thunderbird 1.5.0.2-1 (bug #349242; bug #363777; medium)
 CVE-2006-0235 (SQL injection vulnerability in WhiteAlbum 2.5 allows remote 
attackers ...)
        NOT-FOR-US: WhiteAlbum
 CVE-2006-0234 (SQL injection vulnerability in index.php in microBlog 2.0 RC-10 
allows ...)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

Reply via email to