[Secure-testing-commits] r2619 - data/CVE
Florian Weimer
fw at costa.debian.org
Sun Oct 30 22:26:40 UTC 2005
Author: fw
Date: 2005-10-30 22:26:27 +0000 (Sun, 30 Oct 2005)
New Revision: 2619
Modified:
data/CVE/list
Log:
Investigate a few bug reports. The htdig issue was a dupe,
and the corresponding bug report is being closed.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2005-10-30 21:41:50 UTC (rev 2618)
+++ data/CVE/list 2005-10-30 22:26:27 UTC (rev 2619)
@@ -485,7 +485,7 @@
- wget 1.10.2-1 (medium)
- curl 7.15.0-1 (bug #333734; medium)
CVE-2005-3239 (The OLE2 unpacker in clamd in ClamAV 0.87-1 allows remote attackers to ...)
- - clamav <unfixed> (bug #333566)
+ - clamav <unfixed> (bug #333566; medium)
CVE-2005-3181 (Linux kernel before 2.6.13.4, when CONFIG_AUDITSYSCALL is enabled, ...)
- linux-2.6 2.6.12-11 (low)
NOTE: Might as well be 2.6.13-2, depending on the next upload
@@ -692,8 +692,6 @@
NOTE: This looks quite strange, should be followed up, whether it's really reproducible
CVE-2005-XXXX [tar's rmt command may have undesired side effects]
- tar <unfixed> (bug #290435; low)
-CVE-2005-XXXX [Unspecified vulnerability in htdig's htsearch and qtest]
- - htdig <unfixed> (bug #305996; unknown)
CVE-2005-XXXX [clamav's VERSION command does not return the currently loaded version]
NOTE: no exploit vector, just bad info
- clamav <unfixed> (bug #323803; unimportant)
@@ -719,7 +717,8 @@
CVE-2004-XXXX [Insecure temp files in amanda's chg-manual]
- amanda <unfixed> (bug #226139; low)
CVE-2004-XXXX [Potential buffer overflow in firebird2]
- - firebird2 <unfixed> (bug #264453; unknown)
+ - firebird2 <unfixed> (bug #264453; low)
+ NOTE: very likely not exploitable
CVE-2004-XXXX [Buffer overflow in wdm's login]
- wdm <unfixed> (bug #276218; low)
CVE-2005-XXXX [Unsafe string landling in ldapdiff]
More information about the Secure-testing-commits
mailing list