[Secure-testing-commits] r3152 - data/CVE

Moritz Muehlenhoff jmm-guest at costa.debian.org
Sat Dec 24 13:42:35 UTC 2005 

Author: jmm-guest
Date: 2005-12-24 13:42:30 +0000 (Sat, 24 Dec 2005)
New Revision: 3152

Modified:
   data/CVE/list
Log:
new fetchmail issue
bugnums


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2005-12-24 13:37:46 UTC (rev 3151)
+++ data/CVE/list	2005-12-24 13:42:30 UTC (rev 3152)
@@ -35,7 +35,7 @@
 CVE-2005-4471 (POP3 service in Avaya Modular Messaging Message Storage Server (MSS) ...)
 	NOT-FOR-US: Avaya Modular Messaging Message Storage Server
 CVE-2005-4470 (Heap-based buffer overflow in the get_bhead function in readfile.c in ...)
-	- blender <unfixed> (bug filed; medium)
+	- blender <unfixed> (bug #344398; medium)
 CVE-2005-4469 (Multiple direct static code injection vulnerabilities in PHPGedView ...)
 	NOT-FOR-US: PHPGedView
 CVE-2005-4468 (PHP remote file include vulnerability in help_text_vars.php in ...)
@@ -286,7 +286,7 @@
 CVE-2002-2208 (Extended Interior Gateway Routing Protocol (EIGRP), as implemented in ...)
 	TODO: check
 CVE-2005-4348 (fetchmail before 6.3.1 and before 6.2.5.5, when configured for ...)
-	TODO: check
+	- fetchmail <unfixed> (bug #343836; low)
 CVE-2005-4418 [Default policy in util-vserver prior to 0.30.208 trusted unknown capabilities]
 	RESERVED
 	- util-vserver 0.30.208-1
@@ -379,7 +379,7 @@
 CVE-2005-4306 (Multiple cross-site scripting (XSS) vulnerabilities in SiteNet BBS 2.0 ...)
 	NOT-FOR-US: SiteNet BBS 
 CVE-2005-4305 (Cross-site scripting (XSS) vulnerability in Edgewall Trac 0.9, 0.9.1, ...)
-	- trac <unfixed> (bug filed)
+	- trac <unfixed> (bug #344006)
 CVE-2005-4304 (index.php in ezDatabase 2.1.2 and earlier allows remote attackers to ...)
 	NOT-FOR-US: ezDatabase
 CVE-2005-4303 (SQL injection vulnerability in index.php for ezDatabase 2.1.2 and ...)
@@ -1007,7 +1007,7 @@
 	NOT-FOR-US: Jax Calendar
 CVE-2005-4077 (Multiple off-by-one errors in the cURL library (libcurl) 7.11.2 ...)
 	{DSA-919-1}
-	- curl 7.15.1-1 (bug #342339; medium) 
+	- curl 7.15.1-1 (bug #342339; bug #342696; medium) 
 	[sarge] - curl 7.13.2-2sarge4 (medium)
 	[woody] - curl <not-affected> (Only curl >= 7.11 is vulnerable)
 CVE-2005-XXXX [Buffer overflows in electricsheep]

More information about the Secure-testing-commits mailing list