Author: jmm-guest
Date: 2006-11-08 19:41:23 +0100 (Wed, 08 Nov 2006)
New Revision: 4934
Modified:
data/CVE/list
data/DSA/list
Log:
php dsa
non-free no-dsas
elog CVEfied
rpm no-dsa
one kernel issue fixed in 2.6.18
two php non-issues
libmad issue not a bug, no real DoS potential/security impact
hdup fixed to the extent allowed by design limitations
one phpmyadmin unimportant, the other not affected
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-11-08 08:14:25 UTC (rev 4933)
+++ data/CVE/list 2006-11-08 18:41:23 UTC (rev 4934)
@@ -1,9 +1,9 @@
CVE-2006-5792 (Unspecified vulnerability in XLink Omni-NFS Enterprise allows
remote ...)
TODO: check
CVE-2006-5791 (Multiple cross-site scripting (XSS) vulnerabilities in elogd.c
in ELOG ...)
- TODO: check
+ - elog <unfixed> (medium; bug #392016)
CVE-2006-5790 (Multiple format string vulnerabilities in elogd.c in ELOG 2.6.2
and ...)
- TODO: check
+ - elog <unfixed> (medium; bug #392016)
CVE-2006-5789 (WarFTPd 1.82.00-RC11 allows remote authenticated users to cause
a ...)
TODO: check
CVE-2006-5788 (PHP remote file inclusion vulnerability in (1) index.php and
(2) ...)
@@ -283,8 +283,6 @@
CVE-2006-XXXX [phpmyadmin XSS (PMASA-2006-6)]
- phpmyadmin 4:2.9.0.3-1 (low; bug #396638)
[sarge] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2006-XXXX [ELOG remote code execution and XSS]
- - elog <unfixed> (medium; bug #392016)
CVE-2006-XXXX [avahi fake netlink message vulnerability ]
- avahi 0.6.15-1 (low)
CVE-2006-5649
@@ -661,8 +659,8 @@
TODO: check
CVE-2006-5466 (Heap-based buffer overflow in the showQueryPackage function in
librpm ...)
- rpm 4.4.1-11 (low)
- NOTE: This needs further investigation, most probably a non-issue,
pinged maintainer
- NOTE: [sarge] - rpm <no-dsa> (You need to trust the RPMs you're
installing)
+ [sarge] - rpm <no-dsa> (You need to trust the RPMs you're installing)
+ NOTE: Only hypothetical, far-fetched attacks feasible
CVE-2006-5465 (Buffer overflow in PHP before 5.2.0 allows remote attackers to
execute ...)
- php4 4:4.4.4-4 (high; bug #396764)
- php5 5.1.6-6 (high; bug #396766)
@@ -960,6 +958,7 @@
CVE-2006-5330 (CRLF injection vulnerability in Adobe Flash Player plugin
9.0.16 for ...)
- flashplugin-nonfree <unfixed> (medium)
[sarge] - flashplugin-nonfree <no-dsa> (Contrib not supported, only
installer package)
+ [etch] - flashplugin-nonfree <no-dsa> (Contrib not supported, only
installer package)
TODO: file bug when upstream fix is released
CVE-2006-5329
RESERVED
@@ -1227,6 +1226,7 @@
NOT-FOR-US: Linksys
CVE-2006-5201 (Multiple packages on Sun Solaris, including (1) NSS; (2) Java
JDK and ...)
- sun-java5 <unfixed> (bug #393042)
+ [etch] - sun-java5 <no-dsa> (Non-free not supported)
NOTE: this is similar to CVE-2006-4339
CVE-2006-5200 (Unspecified vulnerability in Adobe Breeze 5 Licensed Server and
Breeze ...)
NOT-FOR-US: Adobe
@@ -1286,7 +1286,7 @@
- linux-2.6 <unfixed>
NOTE: s390 only, fix in 2.6.18-3 was reverted in 2.6.18-4
CVE-2006-5173 (Linux kernel does not properly save or restore EFLAGS during a
context ...)
- - linux-2.6 <unfixed>
+ - linux-2.6 2.6.18-1
CVE-2006-5172
RESERVED
CVE-2006-5171
@@ -1410,9 +1410,11 @@
CVE-2006-5118 (PHP remote file inclusion vulnerability in index.php3 in the
PDD ...)
NOT-FOR-US: PHPSelect Web Development Division
CVE-2006-5117 (phpMyAdmin before 2.9.1-rc1 has a libraries directory under the
web ...)
- - phpmyadmin 4:2.9.0.2-0.1 (bug #391090; low)
+ - phpmyadmin 4:2.9.0.2-0.1 (bug #391090; unimportant)
+ NOTE: Only path disclosure
CVE-2006-5116 (Multiple cross-site request forgery (CSRF) vulnerabilities in
...)
- phpmyadmin 4:2.9.0.2-0.1 (bug #391090; low)
+ [sarge] - phpmyadmin <not-affected> (Vulnerable code not present)
CVE-2006-5115 (Directory traversal vulnerability in kgcall.php in KGB 1.87
allows ...)
NOT-FOR-US: KGB
CVE-2006-5114 (Multiple cross-site scripting (XSS) vulnerabilities in wgate in
SAP ...)
@@ -6113,14 +6115,16 @@
CVE-2006-3019 (Multiple PHP remote file inclusion vulnerabilities in phpCMS
1.2.1pl2 ...)
NOT-FOR-US: phpCMS
CVE-2006-3018 (Unspecified vulnerability in the session extension
functionality in ...)
- - php5 5.1.4-0.1 (medium)
- - php4 <unfixed> (medium)
+ - php5 5.1.4-0.1 (unimportant)
+ - php4 <unfixed> (unimportant)
+ NOTE: Sanitising is the application's responsibilitys
CVE-2006-3017 (zend_hash_del_key_or_index in zend_hash.c in PHP before 4.4.3
and 5.x ...)
- php5 5.1.4-0.1 (medium)
- php4 4:4.4.4-1 (medium; bug #381998)
CVE-2006-3016 (Unspecified vulnerability in session.c in PHP before 5.1.3 has
unknown ...)
- - php5 5.1.4-0.1 (medium)
- - php4 4:4.4.4-1 (medium; bug #382259)
+ - php5 5.1.4-0.1 (unimportant)
+ - php4 4:4.4.4-1 (unimportant; bug #382259)
+ NOTE: Sanitising is the application's responsibilitys
CVE-2006-3015 (Argument injection vulnerability in WinSCP 3.8.1 build 328
allows ...)
NOT-FOR-US: WinSCP
CVE-2006-3014 (Microsoft Excel allows user-assisted attackers to execute
arbitrary ...)
@@ -7516,6 +7520,7 @@
- clamav <not-affected> (clamav-freshclam doesn't ship freshclam setuid
or setgid)
CVE-2006-2426 (Sun Java Runtime Environment (JRE) 1.5.0_6 and earlier, JDK
1.5.0_6 ...)
- sun-java5 <unfixed>
+ [etch] - sun-java5 <no-dsa> (Non-free not supported)
CVE-2006-2425 (Multiple cross-site scripting (XSS) vulnerabilities in PRV.php
in ...)
NOT-FOR-US: phpRemoteView
CVE-2006-2424 (PHP remote file inclusion vulnerability in ezUserManager 1.6
and ...)
@@ -17325,9 +17330,6 @@
- squid <not-affected> (bug #334882; medium)
NOTE: Bug was introduced in a patch to squid-2.5.STABLE10,
NOTE: this patch was never applied to the Debian package.
-CVE-2005-XXXX [libmad: Assertion failed; buffer overflow]
- - libmad <unfixed> (bug #287519; low)
- - mad <removed>
CVE-2005-3256 (The key selection dialogue in Enigmail before 0.92.1 can
incorrectly ...)
{DSA-889-1}
- enigmail 2:0.93-1 (bug #335731; medium)
@@ -17772,8 +17774,9 @@
CVE-2004-XXXX [Barrendero spool world-readable]
- barrendero 1.1-1 (bug #279163)
CVE-2005-XXXX [hdup inproperly preserves permissions on directories]
- - hdup <unfixed> (bug #302790; low)
- [sarge] - hdup <no-dsa> (Mostly a bug, very limited security
implications)
+ - hdup 2.0.14-2 (bug #302790; low)
+ NOTE: Minor issue, workaround and patch documented since version above
+ [sarge] - hdup <no-dsa> (Mostly a design limitation, very limited
security implications)
CVE-2001-XXXX [crypt++ passes passwords through the command line]
- crypt++el 2.91-2.1 (bug #105562; low)
CVE-2004-XXXX [Two vulnerabilities in sredird]
Modified: data/DSA/list
===================================================================
--- data/DSA/list 2006-11-08 08:14:25 UTC (rev 4933)
+++ data/DSA/list 2006-11-08 18:41:23 UTC (rev 4934)
@@ -1,3 +1,6 @@
+[06 Nov 2006] DSA-1206-1 php4
+ {CVE-2005-3353 CVE-2006-3017 CVE-2006-4482 CVE-2006-5465}
+ [sarge] - php4 4:4.3.10-18
[02 Nov 2006] DSA-1205-1 thttpd - insecure temporary files
{CVE-2006-4248}
[sarge] - thttpd 2.23beta1-3sarge2
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
