[Secure-testing-commits] r2827 - in data: CVE DSA

Moritz Muehlenhoff jmm-guest at costa.debian.org
Tue Nov 22 14:23:43 UTC 2005 

Author: jmm-guest
Date: 2005-11-22 14:23:38 +0000 (Tue, 22 Nov 2005)
New Revision: 2827

Modified:
   data/CVE/list
   data/DSA/list
Log:
more DSA conversions


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2005-11-22 11:56:15 UTC (rev 2826)
+++ data/CVE/list	2005-11-22 14:23:38 UTC (rev 2827)
@@ -1703,19 +1703,15 @@
 	- php5 5.0.5-2 (low)
 	- php4 4:4.4.0-3 (low)
 CVE-2005-3180 (The Orinoco driver (orinoco.c) in Linux kernel 2.6.13 and earlier does ...)
-	- linux-2.6 2.6.12-11 (medium)
-	NOTE: Might as well be 2.6.13-2, depending on the next upload
+	- linux-2.6 2.6.13+2.6.14-rc4-0experimental.1 (medium)
 	- kernel-source-2.4.27 2.4.27-12 (medium)
-	NOTE: CVE requested
 CVE-2005-3119 (Memory leak in the request_key_auth_destroy function in ...)
 	- linux-2.6 2.6.13-2 (low)
 	- kernel-source-2.4.27 <not-affected>
 	NOTE: 2.6.12 itself not affected, fixed in SVN
 CVE-2005-3179 (drm.c in Linux kernel 2.6.10 to 2.6.13 creates a debug file in sysfs ...)
-	- linux-2.6 2.6.12-11 (medium)
-	NOTE: Might as well be 2.6.13-2, depending on the next upload
+	- linux-2.6 2.6.13+2.6.14-rc4-0experimental.1 (medium)
 	- kernel-source-2.4.27 <not-affected>
-	NOTE: CVE requested
 CVE-2005-XXXX [DoS vulnerability in msg id parsing of spampd]
 	- spampd <unfixed> (bug #332259; low)
 CVE-2005-3178 (Buffer overflow in xloadimage 4.1 and earlier, and xli, might allow ...)
@@ -16980,7 +16976,7 @@
 	- proftpd 1.2.9-1
 CVE-2003-0830 (Buffer overflow in marbles 1.0.2 and earlier allows local users to ...)
 	{DSA-390}
-	NOTE: marbles package not in testing or unstable
+	- marbles <removed>
 CVE-2003-0829
 	RESERVED
 CVE-2003-0828 (Buffer overflow in freesweep in Debian GNU/Linux 3.0 allows local ...)
@@ -17031,7 +17027,7 @@
 	NOT-FOR-US: microsoft
 CVE-2003-0805 (Multiple buffer overflows in UMN gopher daemon (gopherd) 2.x and 3.x ...)
 	{DSA-387}
-	NOTE: gopherd not in testing or unstable (deprecated)
+	- gopher <not-affected> (gopherd was removed in 3.0.6)
 CVE-2003-0804 (The arplookup function in FreeBSD 5.1 and earlier, Mac OS X before ...)
 	NOT-FOR-US: BSD
 CVE-2003-0803 (Nokia Electronic Documentation (NED) 5.0 allows remote attackers to ...)
@@ -17073,10 +17069,12 @@
 	- ssh 1:3.7.1p2
 CVE-2003-0785 (ipmasq before 3.5.12, in certain configurations, may forward packets ...)
 	{DSA-389}
+	- ipmasq 3.5.12
 CVE-2003-0784 (Format string vulnerability in tsm for the bos.rte.security fileset on ...)
 	NOT-FOR-US: IBM TSM
 CVE-2003-0783 (Multiple buffer overflows in hztty 2.0 allow local users to gain root ...)
 	{DSA-385}
+	- hztty 2.0-6
 CVE-2003-0782 (Multiple buffer overflows in ecartis before 1.0.0 allow attackers to ...)
 	{DSA-467}
 	- ecartis 1.0.0+cvs.20030911
@@ -17266,11 +17264,13 @@
 	- openssh 1:3.6.1p2-6.0
 CVE-2003-0692 (KDM in KDE 3.1.3 and earlier uses a weak session cookie generation ...)
 	{DSA-388}
+	- kdebase 4:3.2
 CVE-2003-0691
 	RESERVED
 CVE-2003-0690 (KDM in KDE 3.1.3 and earlier does not verify whether the pam_setcred ...)
 	{DSA-443 DSA-388}
 	- xfree86 4.3.0-0pre1v2
+	- kdebase 4:3.2
 CVE-2003-0689 (The getgrouplist function in GNU libc (glibc) 2.2.4 and earlier allows ...)
 	- glibc 2.2.5
 CVE-2003-0688 (The DNS map code in Sendmail 8.12.8 and earlier, when using the ...)
@@ -20385,7 +20385,7 @@
 	NOT-FOR-US: Alcatel
 CVE-2002-1271 (The Mail::Mailer Perl module in the perl-MailTools package 1.47 and ...)
 	{DSA-386}
-	- libmailtools-perl 1.51
+	- libmailtools-perl 1.51 (bug #168381)
 CVE-2002-1270 (Mac OS X 10.2.2 allows local users to read files that only allow write ...)
 	NOT-FOR-US: Mac OS X
 CVE-2002-1268 (Mac OS X 10.2.2 allows local users to gain privileges via a mounted ...)

Modified: data/DSA/list
===================================================================
--- data/DSA/list	2005-11-22 11:56:15 UTC (rev 2826)
+++ data/DSA/list	2005-11-22 14:23:38 UTC (rev 2827)
@@ -2019,28 +2019,28 @@
 	[woody] - openssl 0.9.6c-2.woody.4
 [29 Sep 2003] DSA-392 webfs - buffer overflows, file and directory exposure
 	{CVE-2003-0832 CVE-2003-0833}
-	- webfs 1.20
+	[woody] - webfs 1.17.2
 [28 Sep 2003] DSA-391 freesweep - buffer overflow
 	{CVE-2003-0828}
-	- freesweep 0.88-4.1
+	[woody] - freesweep 0.88-4woody1
 [26 Sep 2003] DSA-390 marbles - buffer overflow
 	{CVE-2003-0830}
-	NOTE: not present in sid, sarge
+	[woody] - marbles 1.0.2-1woody1
 [20 Sep 2003] DSA-389 ipmasq - insecure packet filtering rules
 	{CVE-2003-0785}
-	- ipmasq 3.5.12
+	[woody] - ipmasq 3.5.10c
 [19 Sep 2003] DSA-388 kdebase - several vulnerabilities
 	{CVE-2003-0690 CVE-2003-0692}
-	- kdebase 4:3.2
+	[woody] - kdebase 4:2.2.2-14.7
 [18 Sep 2003] DSA-387 gopher - buffer overflows
 	{CVE-2003-0805}
-	- gopher 3.0.6
+	[woody] - gopher 3.0.3woody1
 [18 Sep 2003] DSA-386 libmailtools-perl - input validation bug
 	{CVE-2002-1271}
-	- libmailtools-perl 1.51 (bug #168381)
+	[woody] - libmailtools-perl 1.44-1woody1
 [18 Sep 2003] DSA-385 hztty - buffer overflows
 	{CVE-2003-0783}
-	- hztty 2.0-6
+	[woody] - hztty 2.0-5.2woody1
 [17 Sep 2003] DSA-384 sendmail - buffer overflows
 	{CVE-2003-0681 CVE-2003-0694}
 	- sendmail 8.12.10-1

More information about the Secure-testing-commits mailing list