[Secure-testing-commits] r2687 - data/CVE

Joey Hess joeyh at costa.debian.org
Mon Nov 7 21:14:25 UTC 2005 

Author: joeyh
Date: 2005-11-07 21:14:19 +0000 (Mon, 07 Nov 2005)
New Revision: 2687

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2005-11-07 17:30:10 UTC (rev 2686)
+++ data/CVE/list	2005-11-07 21:14:19 UTC (rev 2687)
@@ -165,6 +165,7 @@
 CVE-2005-3410
 	RESERVED
 CVE-2005-3409 (OpenVPN 2.x before 2.0.4, when running in TCP mode, allows remote ...)
+	{DSA-885-1}
 	- openvpn 2.0.5-1 (bug #337334; low)
 CVE-2005-3408 (SQL injection vulnerability in news.php in gCards version 1.43 allows ...)
 	NOT-FOR-US: gCards
@@ -197,6 +198,7 @@
 CVE-2005-3394 (Multiple SQL injection vulnerabilities in forum.php in oaboard forum ...)
 	NOT-FOR-US: oaboard
 CVE-2005-3393 (Format string vulnerability in the foreign_option function in ...)
+	{DSA-885-1}
 	- openvpn 2.0.5-1 (bug #336751; medium)
 CVE-2005-3392 (Unspecified vulnerability in PHP before 4.4.1, when using the virtual ...)
 	- php4 <unfixed> (bug #336645; unknown)
@@ -307,6 +309,7 @@
 	RESERVED
 CVE-2005-3344 [Insecure default configuration in Debian's horde3]
 	RESERVED
+	{DSA-884-1}
 	- horde3 3.0.5-2 (#332290; #332289; medium)
 CVE-2005-3343
 	RESERVED
@@ -380,6 +383,7 @@
 	- php4 <unfixed> (bug #336004; low)
 	- php5 <unfixed> (bug #336005; low)
 CVE-2005-3318 (Buffer overflow in the _chm_decompress_block function in CHM lib ...)
+	{DSA-886-1}
 	- chmlib 0.37-1 (bug #335931; medium)
 CVE-2005-3317 (Multiple stack-based buffer overflows in ZipGenius 5.5.1.468 and ...)
 	NOT-FOR-US: ZipGenius
@@ -1662,6 +1666,7 @@
 	NOTE: epiphany-browser is apparently fixed fix the mozilla-browser
 	NOTE: upload; see bug #327366
 CVE-2005-2930 (Stack-based buffer overflow in the _chm_find_in_PMGL function in ...)
+	{DSA-886-1}
 	- chmlib 0.36-1 (bug #327431)
 CVE-2005-2802
 	REJECTED
@@ -1821,7 +1826,7 @@
 CVE-2005-2795
 	RESERVED
 CVE-2005-2794 (store.c in Squid 2.5.STABLE10 and earlier allows remote attackers to ...)
-	{DSA-809-2 DSA-809-1}
+	{DSA-809-3 DSA-809-1}
 	- squid 2.5.10-5 (medium)
 CVE-2005-2793 (PHP remote code injection vulnerability in welcome.php in phpLDAPadmin ...)
 	[sarge] - phpldapadmin <not-affected> (code not present in sarge)
@@ -2157,6 +2162,7 @@
 	- apachetop 0.12.5-3 (unknown)
 CVE-2005-2659 [Buffer overflow in chmlib's LZX decompressor]
 	RESERVED
+	{DSA-886-1}
 	- chmlib 0.37-2 (unknown)
 CVE-2005-2658 (Buffer overflow in utility.cpp in Turquoise SuperStat (turqstat) 2.2.4 ...)
 	{DSA-812-1}
@@ -13920,6 +13926,7 @@
 CVE-2004-0793 (The calendar program in bsdmainutils 6.0 through 6.0.14 does not drop ...)
 	- bsdmainutils 6.0.15
 CVE-2004-0792 (Directory traversal vulnerability in the sanitize_path function in ...)
+	{DSA-538}
 	- rsync 2.6.2-3
 CVE-2004-0791 (Multiple TCP/IP and ICMP implementations allow remote attackers to ...)
 	NOTE: All 2.4 and 2.6 kernels verify the TCP sequence numbering when errors occur

More information about the Secure-testing-commits mailing list