[Secure-testing-commits] r2733 - in data: CVE DSA

[Moritz Muehlenhoff]

Author: jmm-guest
Date: 2005-11-14 11:02:45 +0000 (Mon, 14 Nov 2005)
New Revision: 2733

Modified:
   data/CVE/list
   data/DSA/list
Log:
more bugnums


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2005-11-14 10:41:34 UTC (rev 2732)
+++ data/CVE/list	2005-11-14 11:02:45 UTC (rev 2733)
@@ -3448,7 +3448,7 @@
 	- vim 1:6.3-085+1 (bug #320017; medium)
 CVE-2005-2367 (Format string vulnerability in the proto_item_set_text function in ...)
 	{DSA-853-1}
-	- ethereal 0.10.12-1 (bug #320183; medium)
+	- ethereal 0.10.12-1 (bug #320183; bug #320192; medium)
 CVE-2005-2366 (Unknown vulnerability in the BER dissector in Ethereal 0.10.11 allows ...)
 	{DSA-853-1}
 	- ethereal 0.10.12-1 (bug #320183; low)
@@ -5884,7 +5884,7 @@
 CVE-2005-1912
 	REJECTED
 CVE-2005-1911 (The fetchnews NNTP client in leafnode 1.11.2 and earlier can hang ...)
-	- leafnode 1.11.3.rel-1 (low)
+	- leafnode 1.11.3.rel-1 (bug #33886; low)
 CVE-2005-1910 (SQL injection vulnerability in login.asp for WWWeb Concepts Events ...)
 	NOT-FOR-US: WWWeb Concepts Events System
 CVE-2005-1909 (The web server control panel in 602LAN SUITE 2004 allows remote ...)
@@ -6932,7 +6932,7 @@
 	RESERVED
 CVE-2005-1527 (Eval injection vulnerability in awstats.pl in AWStats 6.4 and earlier, ...)
 	{DSA-892-1}
-	- awstats 6.4-1.1 (bug #322591; bug #334833; medium)
+	- awstats 6.4-1.1 (bug #322591; bug #334833; bug #336137; medium)
 CVE-2005-1526 (PHP file inclusion vulnerability in config_settings.php in Cacti ...)
 	{DSA-764-1}
 	- cacti 0.8.6e-1 (bug #315703; high)
@@ -8282,7 +8282,7 @@
 	{DSA-805-1}
 	NOTE: This is from latest Trustix advisory, exploitation would require to trick
 	NOTE: someone into using a maliciously crafted certificate revocation list
-	- apache2 2.0.54-5 (bug #320048; bug #320063; low)
+	- apache2 2.0.54-5 (bug #320048; bug #320063; bug #322613; low)
 CVE-2005-1267 (The bgp_update_print function in tcpdump 3.x does not properly handle ...)
 	{DSA-854-1}
 	- tcpdump 3.9.0.cvs.20050614-1 (medium)
@@ -12331,7 +12331,7 @@
 	- squirrelmail 2:1.4.4-1
 CVE-2005-0074 (Buffer overflow in pcdsvgaview in xpcd 2.08 allows local users to ...)
 	{DSA-676-1}
-	- xpcd 2.08-11.1
+	- xpcd 2.08-11.1 (bug #294793)
 CVE-2005-0073 (Buffer overflow in queue.c in a support script for sympa 3.3.3, when ...)
 	{DSA-677-1}
 	- sympa 4.1.2-2.1
@@ -12591,7 +12591,7 @@
 	- kernel-source-2.6.8 2.6.8-13
 	- kernel-source-2.4.27 2.4.27-8
 	- kernel-image-2.4.27-i386 2.4.27-8
-	- kernel-image-2.4.27-speakup 2.4.27-1.1
+	- kernel-image-2.4.27-speakup 2.4.27-1.1 (bug #295624)
 	- kernel-patch-powerpc-2.6.8 2.6.8-10
 CVE-2004-1339 (SQL injection vulnerability in the (1) MDSYS.SDO_GEOM_TRIG_INS1 and ...)
 	NOT-FOR-US: oracle
@@ -14315,7 +14315,7 @@
 CVE-2004-0645 (Buffer overflow in the wvHandleDateTimePicture function in wv library ...)
 	{DSA-579-1 DSA-550-1}
 	- abiword 2.0.8
-	- wv 1.0.2-0.1
+	- wv 1.0.2-0.1 (bug #264972)
 	NOTE: fixed version of abiword based on http://xforce.iss.net/xforce/xfdb/16660
 CVE-2004-0644 (The asn1buf_skiptail function in the ASN.1 decoder library for MIT ...)
 	{DSA-543-1}
@@ -16226,7 +16226,7 @@
 CVE-2003-0741
 	RESERVED
 CVE-2003-0740 (Stunnel 4.00, and 3.24 and earlier, leaks a privileged file descriptor ...)
-	- stunnel 2:3.26
+	- stunnel 2:3.26 (bug #278942)
 	- stunnel4 2:4.04
 CVE-2003-0739 (VMware Workstation 4.0.1 for Linux, build 5289 and earlier, allows ...)
 	NOT-FOR-US: VMware

Modified: data/DSA/list
===================================================================
--- data/DSA/list	2005-11-14 10:41:34 UTC (rev 2732)
+++ data/DSA/list	2005-11-14 11:02:45 UTC (rev 2733)
@@ -987,7 +987,7 @@
 	NOTE: not fixed in testing at time of DSA
 [11 Feb 2005] DSA-676-1 xpcd - buffer overflow
 	{CVE-2005-0074}
-	[woody] - xpcd 2.08-8woody3 (bug #294793)
+	[woody] - xpcd 2.08-8woody3
 	NOTE: not fixed in testing at time of DSA
 [11 Feb 2005] DSA-674-2 mailman - cross-site scripting, directory traversal
 	NOTE: only fixed bug in DSA