[Secure-testing-commits] r2840 - data/CVE

Moritz Muehlenhoff jmm-guest at costa.debian.org
Wed Nov 23 09:57:38 UTC 2005 

Author: jmm-guest
Date: 2005-11-23 09:57:34 +0000 (Wed, 23 Nov 2005)
New Revision: 2840

Modified:
   data/CVE/list
Log:
new potential kernel issues
bugnums


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2005-11-23 09:19:04 UTC (rev 2839)
+++ data/CVE/list	2005-11-23 09:57:34 UTC (rev 2840)
@@ -1,3 +1,6 @@
+CVE-2005-XXXX [Two potential netfilter DoS issues]
+	- linux-2.6 <unfixed>
+	NOTE: Pinged Horms/dannf
 CVE-2005-3759 [XSS in horde3]
 	- horde3 3.0.7-1 (bug #340323; medium)
 CVE-2004-2569 [Insecure temp file in ipmenu]
@@ -1692,7 +1695,7 @@
 	RESERVED
 CVE-2005-3186 (Integer overflow in the GTK+ gdk-pixbuf XPM image rendering library in ...)
 	- gtk+2.0 2.6.10-2 (bug #339431; medium)
-	- gdk-pixbuf 0.22.0-11 (bug #339431; medium)
+	- gdk-pixbuf 0.22.0-11 (bug #339431; bug #339458; medium)
 CVE-2005-3184 (Buffer overflow vulnerability in the unicode_to_bytes in the Service ...)
 	- ethereal <unfixed> (bug #334880; medium)
 CVE-2005-3183 (The HTBoundary_put_block function in HTBound.c for W3C libwww ...)
@@ -9655,7 +9658,7 @@
 	NOT-FOR-US: Sumus web server
 CVE-2005-1109 (The filtering of URLs in JunkBuster before 2.0.2-r3 allows remote ...)
 	{DSA-713-1}
-	- junkbuster <removed>
+	- junkbuster <removed> (bug #304793)
 	NOTE: checked privoxy, is not vulnerable
 CVE-2005-1108 (The ij_untrusted_url function in JunkBuster 2.0.2-r2, with ...)
 	{DSA-713-1}
@@ -20189,14 +20192,9 @@
 CVE-2002-1476 (Buffer overflow in setlocale in libc on NetBSD 1.4.x through 1.6, and ...)
 	NOT-FOR-US: NetBSD
 CVE-2002-1472 (libX11.so in xfree86, when used in setuid or setgid programs, allows ...)
-	- xfree86 4.2.1-1
-	NOTE: Accordong to http://www.securityfocus.com/bid/5735/info/
-	NOTE: woody is still vulnerable
-	NOTE: open bug #280872
+	- xfree86 4.2.1-1 (bug #280872)
 CVE-2002-1471 (The camel component for Ximian Evolution 1.0.x and earlier does not ...)
-	- evolution 1.2.0-1
-	NOTE: woody seems to be still vulnerable
-	NOTE: open bug #280883
+	- evolution 1.2.0-1 (bug #280883)
 CVE-2002-1469 (scponly does not properly verify the path when finding the (1) scp or ...)
 	- scponly 3.8-1
 	NOTE: according to http://sublimation.org/scponly/ (scponly home page)

More information about the Secure-testing-commits mailing list