Author: alec-guest
Date: 2006-05-19 15:01:50 +0000 (Fri, 19 May 2006)
New Revision: 3979
Modified:
data/CVE/list
Log:
found fixed versions for gnome-screensaver, dokuwiki, and cfengine2 vulns
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-05-19 13:55:35 UTC (rev 3978)
+++ data/CVE/list 2006-05-19 15:01:50 UTC (rev 3979)
@@ -2710,7 +2710,7 @@
CVE-2006-1336 (Cross-site scripting vulnerability in calendar.php in
ExtCalendar 1.0 ...)
NOT-FOR-US: ExtCalendar
CVE-2006-1335 (gnome screensaver before 2.14, when running on an X server with
...)
- - gnome-screensaver <unfixed> (bug #357885)
+ - gnome-screensaver 2.14.1-1 (bug #357885)
CVE-2006-1334 (Multiple SQL injection vulnerabilities in Maian Weblog 2.0
allow ...)
NOT-FOR-US: Maian Weblog
CVE-2006-1333 (Multpile SQL injection vulnerabilities in BetaParticle Blog 6.0
and ...)
@@ -3092,7 +3092,7 @@
CVE-2006-1167
RESERVED
CVE-2006-1165 (Cross-site scripting (XSS) vulnerability in the mediamanager
module in ...)
- - dokuwiki <unfixed> (bug #357436)
+ - dokuwiki 0.0.20060309-3 (bug #357436)
CVE-2006-1164 (Nodez 4.6.1.1 and earlier stores sensitive data in the
list.gtdat file ...)
NOT-FOR-US: Nodez
CVE-2006-1163 (Cross-site scripting (XSS) vulnerability in Nodez 4.6.1.1
allows ...)
@@ -10538,7 +10538,7 @@
CVE-2005-2960 (cfengine 1.6.5 and 2.1.16 allows local users to overwrite
arbitrary ...)
{DSA-836-1 DSA-835-1}
- cfengine <unfixed> (bug #332433; low)
- - cfengine2 <unfixed> (bug #332432; low)
+ - cfengine2 2.1.17-1 (bug #332432; low)
NOTE: maintainer does not think it's a hole, script is unused/broken
CVE-2005-2959 (Incomplete blacklist vulnerability in sudo 1.6.8 and earlier
allows ...)
{DSA-870-1}
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
