[Secure-testing-commits] r2824 - data/CVE

Moritz Muehlenhoff jmm-guest at costa.debian.org
Tue Nov 22 10:19:49 UTC 2005 

Author: jmm-guest
Date: 2005-11-22 10:19:43 +0000 (Tue, 22 Nov 2005)
New Revision: 2824

Modified:
   data/CVE/list
Log:
processed latest kernel issue according to review by dannf/horms
bugnums


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2005-11-22 09:55:38 UTC (rev 2823)
+++ data/CVE/list	2005-11-22 10:19:43 UTC (rev 2824)
@@ -143,7 +143,7 @@
 CVE-2004-2542 (Multiple SQL injection vulnerabilities in Dynix (formerly known as ...)
 	NOT-FOR-US: Dynix WebPac
 CVE-2004-2541 (Buffer overflow in Cscope 15.5, and possibly multiple overflows, ...)
-	- cscope <unfixed> (bug filed; medium)
+	- cscope <unfixed> (bug #340177; medium)
 CVE-2005-XXXX [unsafe file permissions in vpnc]
 	- vpnc <unfixed> (bug #340105; medium)
 CVE-2005-XXXX [Insecure tempfiles in libjpeg]
@@ -485,8 +485,10 @@
 CVE-2005-3528 (Cross-site scripting (XSS) vulnerability in tiki-view_forum_thread.php ...)
 	NOT-FOR-US: TikiWiki
 CVE-2005-3527 (Race condition in do_coredump in signal.c in Linux kernel 2.6 allows ...)
-	- linux-2.6 <unfixed> 
-	NOTE: Pinged Horms and Dannf
+	- linux-2.6 2.6.14-1 (low)
+	[sarge] - kernel-source-2.6.8 <not-affected> (Vulnerable code was introduced later)
+	[sarge] - kernel-source-2.4.27 <not-affected> (Vulnerable code was introduced later)
+	NOTE: http://svn.debian.org/wsvn/kernel/patch-tracking/CVE-2005-3527?op=file&rev=0&sc=0
 CVE-2005-3526
 	RESERVED
 CVE-2005-3525
@@ -3136,9 +3138,9 @@
 CVE-2005-2631 (Cisco Clean Access (CCA) 3.3.0 to 3.3.9, 3.4.0 to 3.4.5, and 3.5.0 to ...)
 	NOT-FOR-US: Cisco
 CVE-2005-2630 (Heap-based buffer overflow in DUNZIP32.DLL for RealPlayer 8, 10, and ...)
-	- helix-player <unfixed> (bug filed)
+	- helix-player <unfixed> (bug #340270)
 CVE-2005-2629 (Integer overflow in RealNetworks RealPlayer 8, 10, and 10.5, RealOne ...)
-	- helix-player <unfixed> (bug filed)
+	- helix-player <unfixed> (bug #340270)
 CVE-2005-2628 (Macromedia Flash 6 and 7 (Flash.ocx) allows remote attackers to ...)
 	- flashplugin-nonfree <unfixed> (bug #339290; high)
 CVE-2005-2627 (Multiple integer underflows in Kismet before 2005-08-R1 allow remote ...)

More information about the Secure-testing-commits mailing list