[Secure-testing-commits] r2767 - data/CVE
Moritz Muehlenhoff
jmm-guest at costa.debian.org
Thu Nov 17 08:23:00 UTC 2005
Author: jmm-guest
Date: 2005-11-17 08:22:56 +0000 (Thu, 17 Nov 2005)
New Revision: 2767
Modified:
data/CVE/list
Log:
phpmyadmin CVEfied and fixed
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2005-11-16 23:34:39 UTC (rev 2766)
+++ data/CVE/list 2005-11-17 08:22:56 UTC (rev 2767)
@@ -1,5 +1,5 @@
-CVE-2005-XXXX [phpmyadmin HTTP response splitting]
- - phpmyadmin <unfixed> (bug #339437; medium)
+CVE-2005-3621 [phpmyadmin HTTP response splitting]
+ - phpmyadmin 4:2.6.4-pl4-1 (bug #339437; medium)
CVE-2005-XXXX [openswan isakmp dos]
- openswan 1:2.4.3-1 (bug #339082; medium)
TODO: Keep an eye on ipsec-tools's upstream, it's potentially affected as well
@@ -8311,9 +8311,8 @@
- gaim 1:1.3.1-1 (bug #315356; low)
CVE-2005-1268 (Off-by-one error in the mod_ssl Certificate Revocation List (CRL) ...)
{DSA-805-1}
- NOTE: This is from latest Trustix advisory, exploitation would require to trick
- NOTE: someone into using a maliciously crafted certificate revocation list
- apache2 2.0.54-5 (bug #320048; bug #320063; bug #322613; low)
+ - apache <not-affected> (Not affected, see #322613)
CVE-2005-1267 (The bgp_update_print function in tcpdump 3.x does not properly handle ...)
{DSA-854-1}
- tcpdump 3.9.0.cvs.20050614-1 (medium)
More information about the Secure-testing-commits
mailing list