[Secure-testing-commits] r3161 - data/CVE

Moritz Muehlenhoff jmm-guest at costa.debian.org
Mon Dec 26 01:26:49 UTC 2005 

Author: jmm-guest
Date: 2005-12-26 01:26:44 +0000 (Mon, 26 Dec 2005)
New Revision: 3161

Modified:
   data/CVE/list
Log:
kernel update


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2005-12-25 18:43:04 UTC (rev 3160)
+++ data/CVE/list	2005-12-26 01:26:44 UTC (rev 3161)
@@ -456,9 +456,9 @@
 	[sarge] - cpio <unfixed>
 	[woody] - cpio <unfixed>
 CVE-2005-4267 (Stack-based buffer overflow in Qualcomm WorldMail 3.0 allows remote ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm WorldMail
 CVE-2004-2652 (The DecodeTCPOptions function in decode.c in Snort before 2.3.0, when ...)
-	TODO: check
+	- snort 2.3.0-1
 CVE-2004-2651 (Multiple cross-site scripting (XSS) vulnerabilities in YaCy before ...)
 	NOT-FOR-US: YaCy
 CVE-2003-1289 (The iBCS2 system call translator for statfs in NetBSD 1.5 through ...)
@@ -2047,7 +2047,7 @@
 CVE-2005-3658
 	RESERVED
 CVE-2005-3657 (The ActiveX control in MCINSCTL.DLL for McAfee VirusScan Security ...)
-	TODO: check
+	NOT-FOR-US: McAfee
 CVE-2005-3656
 	RESERVED
 CVE-2005-3655
@@ -2057,7 +2057,7 @@
 CVE-2005-3653
 	RESERVED
 CVE-2005-3652 (Heap-based buffer overflow in Citrix Program Neighborhood client 9.0 ...)
-	TODO: check
+	NOT-FOR-US: Citrix
 CVE-2005-3651 (Stack-based buffer overflow in the dissect_ospf_v3_address_prefix ...)
 	{DSA-920-1}
 	- ethereal 0.10.13-1.1 (bug #342911; medium)
@@ -17119,7 +17119,9 @@
 	- mysql-dfsg-4.1 4.1.11a-1 (bug #330164; medium)
 	- mysql-dfsg-5.0 <not-affected> (Was fixed before MySQL 5.0 was uploaded into the archive)
 CVE-2004-0626 (The tcp_find_option function of the netfilter subsystem in Linux ...)
-	NOTE: fixed after 2.6.6 kernel
+	[sarge] - kernel-source-2.6.8 2.6.8-1
+	- kernel-source-2.4.27 <not-affected>
+	- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.8)
 CVE-2004-0625 (SQL injection vulnerability in Infinity WEB 1.0 allows remote ...)
 	NOT-FOR-US: Infinity WEB
 CVE-2004-0624 (PHP remote code injection vulnerability in index.php for Artmedic ...)

More information about the Secure-testing-commits mailing list