[Secure-testing-commits] r2924 - data/CVE

Moritz Muehlenhoff jmm-guest at costa.debian.org
Fri Dec 2 13:41:19 UTC 2005 

Author: jmm-guest
Date: 2005-12-02 13:41:14 +0000 (Fri, 02 Dec 2005)
New Revision: 2924

Modified:
   data/CVE/list
Log:
perl CVEfied
some NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2005-12-02 10:02:10 UTC (rev 2923)
+++ data/CVE/list	2005-12-02 13:41:14 UTC (rev 2924)
@@ -1,6 +1,6 @@
 CVE-2005-XXXX [SQL injection in trac's ticket query module]
 	- trac 0.9.1-1 (medium)
-CVE-2005-XXXX [integer overflow in perl's format string code]
+CVE-2005-3962 [integer overflow in perl's format string code]
 	- perl <unfixed> (bug #341542; medium)
 CVE-2006-0034
 	RESERVED
@@ -3431,7 +3431,7 @@
 CVE-2005-2758 (Integer signedness error in the administrative interface for Symantec ...)
 	NOT-FOR-US: Symantec Antivirus
 CVE-2005-2757 (Heap-based buffer overflow in CoreFoundation in Mac OS X and OS X ...)
-	TODO: check
+	NOT-FOR-US: Mac OS X
 CVE-2005-2756 (Apple QuickTime before 7.0.3 allows user-complicit attackers to ...)
 	NOT-FOR-US: Apple QuickTime
 CVE-2005-2755 (Apple QuickTime Player before 7.0.3 allows user-complicit attackers to ...)
@@ -6126,9 +6126,9 @@
 CVE-2005-2125
 	RESERVED
 CVE-2005-2124 (Unspecified vulnerability in the Graphics Rendering Engine (GDI32.DLL) ...)
-	TODO: check
+	NOT-FOR-US: Windows
 CVE-2005-2123 (Multiple integer overflows in the Graphics Rendering Engine ...)
-	TODO: check
+	NOT-FOR-US: Windows
 CVE-2005-2122 (Windows Shell for Microsoft Windows 2000 SP4, XP SP1 and SP2, and ...)
 	NOT-FOR-US: Windows
 CVE-2005-2121
@@ -10098,8 +10098,7 @@
 CVE-2005-1185 (MMFWLaunch.exe in Musicmatch Jukebox 10.00.2047 and earlier does not ...)
 	NOT-FOR-US: Musicmatch
 CVE-2005-1184 (The TCP/IP stack in multiple operating systems allows remote attackers ...)
-	NOTE: This looks rather obscure -jmm
-	TODO: check
+	NOT-FOR-US: Apparently bogus report. at least on Linux it couldn't be reproduced
 CVE-2005-1183 (Cross-site scripting (XSS) vulnerability in mvnForum 1.0 RC4 allows ...)
 	NOT-FOR-US: mvnForum
 CVE-2005-1182 (Unknown vulnerability in Incoming Remote Command (iSeries Access for ...)

More information about the Secure-testing-commits mailing list