[Secure-testing-commits] r2496 - data/CVE

Moritz Muehlenhoff jmm-guest at costa.debian.org
Thu Oct 20 10:08:39 UTC 2005 

Author: jmm-guest
Date: 2005-10-20 10:08:28 +0000 (Thu, 20 Oct 2005)
New Revision: 2496

Modified:
   data/CVE/list
Log:
CVEfied enigmail and snort, the previous snort entry is different


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2005-10-20 09:32:16 UTC (rev 2495)
+++ data/CVE/list	2005-10-20 10:08:28 UTC (rev 2496)
@@ -4,14 +4,12 @@
 CVE-2005-XXXX [yiff-server: runs as root and opens any file a client asks for]
 	- yiff-server <unfixed> (bug #334616; high)
 CVE-2005-3256 (The key selection dialogue in Enigmail before 0.92.1 can incorrectly ...)
-	TODO: check
+	- enigmail 2:0.93-1 (unknown)
 CVE-2005-3253
 	RESERVED
 CVE-2005-3252 (Stack-based buffer overflow in the Back Orifice (BO) preprocessor for ...)
-	TODO: check
-CVE-2005-XXXX [buffer overflow in snort's bo preprocessor]
-	- snort <not-affected> (Vulnerable code was introduced later)
-	NOTE: See bug #334606
+	- snort 2.3.3-2 (bug #328134; low)
+	- snort <not-affected> (Vulnerable code was introduced later, see bug #334606)
 CVE-2005-3251 (Directory traversal vulnerability in the gallery script in Gallery 2.0 ...)
 	- gallery 2.0.1-1 (medium)
 CVE-2005-3250 (Unknown vulnerability in Solaris 10 allows local users to cause a ...)
@@ -158,8 +156,6 @@
 	- xscreensaver <unfixed> (bug #334193; low)
 CVE-2005-XXXX [centericq remote dos by special nmap scan]
 	- centericq <unfixed> (bug #334089; low)
-CVE-2005-XXXX [Unspecified vulnerability in enigmail]
-	- enigmail 2:0.93-1 (unknown)
 CVE-2005-XXXX [Unspecified vulnerability in zope's docutils]
 	- zope2.8 2.8.1-7
 CVE-2005-3185 (Stack-based buffer overflow in the ntlm_output function in http-ntlm.c ...)
@@ -1001,8 +997,6 @@
 	NOTE: slune had to be adapted to internal py2play changes in order to avoid breakage
 CVE-2005-2874 (The is_path_absolute function in scheduler/client.c for the daemon in ...)
 	- cupsys 1.1.23-1 (unknown)
-CVE-2005-XXXX [snort vulnerable to DoS attack]
-	- snort 2.3.3-2 (bug #328134; low)
 CVE-2005-2871 (Buffer overflow in the International Domain Name (IDN) support in ...)
 	{DSA-837-1}
 	- mozilla-firefox 1.0.6-5 (bug #327452; bug #327802; medium)

More information about the Secure-testing-commits mailing list