[Secure-testing-commits] r2537 - in data: CVE DSA

[Moritz Muehlenhoff]

Author: jmm-guest
Date: 2005-10-23 18:22:48 +0000 (Sun, 23 Oct 2005)
New Revision: 2537

Modified:
   data/CVE/list
   data/DSA/list
Log:
more DSA entries reworked


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2005-10-23 14:01:19 UTC (rev 2536)
+++ data/CVE/list	2005-10-23 18:22:48 UTC (rev 2537)
@@ -12628,9 +12628,9 @@
 	NOT-FOR-US: fetch on FreeBSD
 CVE-2004-1052 (Buffer overflow in the getnickuserhost function in BNC 2.8.9, and ...)
 	{DSA-595-1}
-	NOTE: bnc is not in sarge or unstable (is in woody)
+	- bnc <removed>
 CVE-2004-1051 (sudo before 1.6.8p2 allows local users to execute arbitrary commands ...)
-	{DSA-596-2 DSA-596-1}
+	{DSA-596-2}
 	- sudo 1.6.8p3-1
 CVE-2004-1050 (Heap-based buffer overflow in Internet Explorer 6 allows remote ...)
 	NOT-FOR-US: Microsoft
@@ -13060,6 +13060,7 @@
 	- koffice 1:1.3.4-1
 	NOTE: only affects source package, not used in binary
 	- cupsys <unfixed> (bug #324460; unimportant)
+	- tetex-bin 2.0.2-23
 CVE-2004-0887 (SUSE Linux Enterprise Server 9 on the S/390 platform does not properly ...)
 	NOTE: waldi provided this info
 	- linux-kernel-image-2.6.8-s390 2.6.8-3

Modified: data/DSA/list
===================================================================
--- data/DSA/list	2005-10-23 14:01:19 UTC (rev 2536)
+++ data/DSA/list	2005-10-23 18:22:48 UTC (rev 2537)
@@ -1164,45 +1164,42 @@
 [29 Nov 2004] DSA-602-1 libgd2 - integer overlow
 	{CVE-2004-0941 CVE-2004-0990}
 	NOTE: different from fixes from earlier DSA for these CVEs; 2004-0941 new
-	- libgd2 2.0.33-1.1
+	[woody] - libgd2 2.0.1-10woody2
 [29 Nov 2004] DSA-601-1 libgd1 - integer overflow
 	{CVE-2004-0941 CVE-2004-0990}
 	NOTE: different from fixes from earlier DSA for these CVEs; 2004-0941 new
-	- libgd 1.8.4-36.1
+	[woody] - libgd 1.8.4-17.woody4
 [25 Nov 2004] DSA-599-1 tetex-bin - integer overflows
 	{CVE-2004-0888}
-	- tetex-bin 2.0.2-23
+	[woody] - tetex-bin 20011202-7.3
 [25 Nov 2004] DSA-598-1 yardradius - buffer overflow
 	{CVE-2004-0987}
-	- yardradius 1.0.20-15
+	[woody] - yardradius 1.0.20-2woody1
 [25 Nov 2004] DSA-597-1 cyrus-imapd - buffer overflow
 	{CVE-2004-1012 CVE-2004-1013}
-	- cyrus21-imapd 2.1.17-1
+	[woody] - cyrus21-imapd 1.5.19-9.2
 [24 Nov 2004] DSA-596-2 sudo - missing input sanitising
 	{CVE-2004-1051}
-	- sudo 1.6.8p3-1
-[24 Nov 2004] DSA-596-1 sudo - missing input sanitising
-	{CVE-2004-1051}
-	- sudo 1.6.8p3-1
+	[woody] - sudo 1.6.6-1.3
 [24 Nov 2004] DSA-595-1 bnc - buffer overflow
 	{CVE-2004-1052}
-	NOTE: package not in sarge or sid
+	[woody] - bnc 2.6.4-3.3
 [17 Nov 2004] DSA-594-1 apache - buffer overflows
 	{CVE-2004-0940}
-	- apache 1.3.33-2
+	[woody] - apache 1.3.26-0woody6
 [16 Nov 2004] DSA-593-1 imagemagick - buffer overflow
 	{CVE-2004-0981}
-	- imagemagick 6:6.0.6.2-1.5
+	[woody] - imagemagick 5.4.4.5-1woody4
 [12 Nov 2004] DSA-592-1 ez-ipupdate - format string
 	{CVE-2004-0980}
-	- ez-ipupdate 3.0.11b8-8
+	[woody] - ez-ipupdate 3.0.11b5-1woody2
 [09 Nov 2004] DSA-591-1 libgd2 - integer overflows
 	{CVE-2004-0990}
-	- libgd2 2.0.30-1
+	[woody] - libgd 1.8.4-17.woody3
+	[woody] - libgd2 2.0.1-10woody1
 [09 Nov 2004] DSA-590-1 gnats - format string vulnerability
 	{CVE-2004-0623}
-	NOTE: DSA got version of fix for unstable wrong
-	- gnats 4.0-6.1
+	[woody] - gnats 3.999.beta1+cvs20020303-2
 [09 Nov 2004] DSA-589-1 libgd - integer overflows
 	{CVE-2004-0990}
 	- libgd 1.8.4-36.1
@@ -1301,7 +1298,7 @@
 	- xfree86 4.3.0.dfsg.1-8
 [07 Oct 2004] DSA-600-1 samba - arbitrary file access
 	{CVE-2004-0815}
-	NOTE: not affected according to DSA
+	[woody] - samba 2.2.3a-14.1
 [07 Oct 2004] DSA-560-1 lesstif1-1 - integer and stack overflows
 	{CVE-2004-0687 CVE-2004-0688}
 	- lesstif1-1 1:0.93.94-10