[Secure-testing-commits] r4935 - data/CVE

[Stefan Fritsch]

Author: stef-guest
Date: 2006-11-08 20:20:43 +0100 (Wed, 08 Nov 2006)
New Revision: 4935

Modified:
   data/CVE/list
Log:
- new obexpushd issue fixed (medium)
- new motion issue fixed (low)
- CVE-2006-5702/3: new tikiwiki issues fixed
- linux issue fixed


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2006-11-08 18:41:23 UTC (rev 4934)
+++ data/CVE/list       2006-11-08 19:20:43 UTC (rev 4935)
@@ -1,3 +1,7 @@
+CVE-2006-XXXX [obexpushd arbitrary command execution]
+       - obexpushd 0.4+svn10-1 (bug #397297; medium)
+CVE-2006-XXXX [motion insecure tempfile creation]
+       - motion 3.2.3-2 (bug #393846; low)
 CVE-2006-5792 (Unspecified vulnerability in XLink Omni-NFS Enterprise allows 
remote ...)
        TODO: check
 CVE-2006-5791 (Multiple cross-site scripting (XSS) vulnerabilities in elogd.c 
in ELOG ...)
@@ -173,9 +177,9 @@
 CVE-2006-5704 (HP NonStop Server G06.29, when running Standard Security 
T6533G06 ...)
        TODO: check
 CVE-2006-5703 (Cross-site scripting (XSS) vulnerability in 
tiki-featured_link.php in ...)
-       TODO: check
+       - tikiwiki 1.9.6+dfsg-1 (low)
 CVE-2006-5702 (Tikiwiki 1.9.5 allows remote attackers to obtain sensitive 
information ...)
-       TODO: check
+       - tikiwiki 1.9.6+dfsg-1 (medium)
 CVE-2006-5701 (Double free vulnerability in squashfs module in the Linux 
kernel ...)
        TODO: check
 CVE-2006-5700
@@ -1283,7 +1287,7 @@
 CVE-2006-5175 (Cross-site request forgery (CSRF) vulnerability in the 
administrative ...)
        NOT-FOR-US: TeraStation HD-HTGL
 CVE-2006-5174 (The copy_from_user function in the uaccess code in Linux kernel 
2.6 ...)
-       - linux-2.6 <unfixed>
+       - linux-2.6 2.6.18-5
        NOTE: s390 only, fix in 2.6.18-3 was reverted in 2.6.18-4
 CVE-2006-5173 (Linux kernel does not properly save or restore EFLAGS during a 
context ...)
        - linux-2.6 2.6.18-1


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits