Author: pedrib-guest
Date: 2010-01-25 00:46:48 +0000 (Mon, 25 Jan 2010)
New Revision: 13906
Modified:
data/CVE/list
Log:
cleaned latent issues CVE-2006-0049, CVE-2006-0455 and CVE-2005-1849
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-01-25 00:39:01 UTC (rev 13905)
+++ data/CVE/list 2010-01-25 00:46:48 UTC (rev 13906)
@@ -63107,9 +63107,7 @@
CVE-2006-0455 (gpgv in GnuPG before 1.4.2.1, when using unattended signature
...)
{DSA-978-1}
- gnupg 1.4.2.2-1 (bug #353017; bug #353019; bug #354620; medium)
- [sarge] - gnupg2 <not-affected> (Vulnerable code not activated)
- NOTE:
http://lists.gnupg.org/pipermail/gnupg-announce/2006q1/000211.html indicates
that
- NOTE: *all* versions are affected because gpg --verify is also affected
+ - gnupg2 <not-affected> (Vulnerable code not activated)
CVE-2006-0454 (Linux kernel before 2.6.15.3 down to 2.6.12, while constructing
an ...)
- linux-2.6 2.6.15-5
[sarge] - kernel-source-2.6.8 <not-affected>
@@ -64271,7 +64269,7 @@
CVE-2006-0049 (gpg in GnuPG before 1.4.2.2 does not properly verify
non-detached ...)
{DSA-993-2}
- gnupg 1.4.2.2-1 (bug #356125; medium)
- [sarge] - gnupg2 <not-affected> (Vulnerable code not activated)
+ - gnupg2 <not-affected> (Vulnerable code not activated)
CVE-2006-0048 (Francesco Stablum tcpick 0.2.1 allows remote attackers to cause
a ...)
- tcpick 0.2.1-3 (bug #360571; low)
[sarge] - tcpick <no-dsa> (Minor issue)
@@ -73573,6 +73571,7 @@
NOTE: This is only contrib code not built in the binary packages AFAIK
- zlib 1:1.2.3-1 (low)
- zsync 0.4.1-1 (low)
+ - sash 3.7-5sarge1 (low)
NOTE: zsync 0.4.0-2 (mentioned in DSA-797-1) was never uploaded.
CVE-2005-1848 (The dhcpcd DHCP client before 1.3.22 allows remote attackers to
cause ...)
{DSA-750-1}
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
