[Secure-testing-commits] r3045 - data/CVE

Joey Hess joeyh at costa.debian.org
Wed Dec 14 21:14:25 UTC 2005 

Author: joeyh
Date: 2005-12-14 21:14:19 +0000 (Wed, 14 Dec 2005)
New Revision: 3045

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2005-12-14 20:47:57 UTC (rev 3044)
+++ data/CVE/list	2005-12-14 21:14:19 UTC (rev 3045)
@@ -2768,6 +2768,7 @@
 	- kernel-source-2.4.27 <not-affected>
 	[sarge] - kernel-source-2.6.8 2.6.8-16sarge1
 CVE-2005-3275 (The NAT code (1) ip_nat_proto_tcp.c and (2) ip_nat_proto_udp.c in ...)
+	{DSA-921-1}
 	- linux-2.6 2.6.13-1 (low)
 	- kernel-source-2.4.27 2.4.27-11 (low)
 	[sarge] - kernel-source-2.6.8 2.6.8-16sarge1 (low)
@@ -4256,6 +4257,7 @@
 	{DSA-793-1}
 	- courier 0.47-8 (medium; bug #325631)
 CVE-2005-2801 (xattr.c in the ext2 and ext3 file system code for Linux kernel 2.6 ...)
+	{DSA-921-1}
 	- kernel-source-2.6.8 2.6.8-16sarge1 (medium)
 	TODO: When was this fixed in sid for 2.4?
 	NOTE: this was fixed upstream in 2.6.11 (See bug #328395)
@@ -4267,6 +4269,7 @@
 	NOTE: Dave Miller didn't like the proposed fix and considers a complete rewrite
 	NOTE: of ipt_recent the best solution, which seems to occur soon
 CVE-2005-2872 (The ipt_recent kernel module (ipt_recent.c) in Linux kernel before ...)
+	{DSA-921-1}
 	- kernel-source-2.4.27 2.4.27-11 (bug #322237; medium)
 	- kernel-source-2.6.8 2.6.8-16sarge2 (medium)
 CVE-2005-2761 (Cross-site scripting (XSS) vulnerability in phpGroupWare 0.9.16.000 ...)
@@ -4999,6 +5002,7 @@
 CVE-2005-2554 (The web server for Network Associates ePolicy Orchestrator Agent 3.5.0 ...)
 	NOT-FOR-US: Network Associated ePolicy Orchestrator Agent
 CVE-2005-2553 (The find_target function in ptrace32.c in the Linux kernel 2.4.x ...)
+	{DSA-921-1}
 	- kernel-source-2.4.27 2.4.27-12 (bug #323363; medium)
 CVE-2005-2552 (Unknown vulnerability in HP ProLiant DL585 servers running Integrated ...)
 	NOT-FOR-US: Integrated Light Out in HP servers
@@ -5218,11 +5222,11 @@
 CVE-2005-2469 (Stack-based buffer overflow in the NMAP Agent for Novell NetMail 3.52C ...)
 	NOT-FOR-US: Novell NetMail
 CVE-2005-2459 (The huft_build function in inflate.c in the zlib routines in the Linux ...)
-	{DTSA-16-1}
+	{DSA-921-1 DTSA-16-1}
 	- linux-2.6 2.6.12-3 (bug #323173)
 	- kernel-source-2.4.27 2.4.27-12 (medium)
 CVE-2005-2458 (inflate.c in the zlib routines in the Linux kernel before 2.6.12.5 ...)
-	{DTSA-16-1}
+	{DSA-921-1 DTSA-16-1}
 	- linux-2.6 2.6.12-3 (bug #323173; medium)
 	[sarge] - kernel-source-2.6.8 2.6.8-16sarge1 (medium)
 	- kernel-source-2.4.27 2.4.27-12 (medium)
@@ -5374,7 +5378,7 @@
 	[sarge] - kernel-source-2.6.8 2.6.8-16sarge2 (medium)
 	[sarge] - kernel-source-2.4.27 2.4.27-10sarge2 (medium)
 CVE-2005-2456 (Array index overflow in the xfrm_sk_policy_insert function in ...)
-	{DTSA-16-1}
+	{DSA-921-1 DTSA-16-1}
 	- linux-2.6 2.6.12-2 (bug #321401; medium)
 	- kernel-source-2.4.27 2.4.27-11 (medium)
 CVE-2005-2455 (Greasemonkey before 0.3.5 allows remote web servers to (1) read ...)
@@ -8359,8 +8363,10 @@
 	{DSA-756-1}
 	- squirrelmail 2:1.4.4-6sarge1 (bug #314374; medium)
 CVE-2005-1768 (Race condition in the ia32 compatibility code for the execve system ...)
+	{DSA-921-1}
 	- kernel-source-2.4.27 2.4.27-11 (medium; bug #319629)
 CVE-2005-1767 (traps.c in the Linux kernel 2.6.x and 2.4.x executes stack segment ...)
+	{DSA-921-1}
 	- linux-2.6 <not-affected> (Fixed before upload into archive)
 	TODO: Add which revision fixed this
 	- kernel-source-2.4.27 2.4.27-11 (unknown)
@@ -8381,7 +8387,7 @@
 	[sarge] - kernel-source-2.6.8 2.6.8-17
 	- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.12-rc5)
 CVE-2005-1762 (The ptrace call in the Linux kernel 2.6.8.1 and 2.6.10 for the AMD64 ...)
-	{DTSA-16-1}
+	{DSA-921-1 DTSA-16-1}
 	- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.12-rc5)
 	[sarge] - kernel-source-2.6.8 2.6.8-17
 	- kernel-source-2.4.27 2.4.27-11
@@ -11827,10 +11833,12 @@
 	- gzip 1.3.5-10
 	- bzip2 1.0.2-8.1 (bug #321286; medium)
 CVE-2005-0757 (The xattr file system code, as backported in Red Hat Enterprise Linux ...)
+	{DSA-921-1}
 	- kernel-source-2.4.27 2.4.27-11 (bug #311164)
 	[sarge] - kernel-source-2.6.8 2.6.8-17
 	- linux-2.6 <not-affected> (Fixed before upload in archive)
 CVE-2005-0756 (ptrace 2.6.8.1 does not properly verify addresses on the amd64 ...)
+	{DSA-921-1}
 	- kernel-source-2.4.27 2.4.27-11 (medium)
 	[sarge] - kernel-source-2.6.8 2.6.8-17 (medium)
 	- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.12-rc5)

More information about the Secure-testing-commits mailing list