[Secure-testing-commits] r1942 - in data: CAN CVE

Joey Hess joeyh at costa.debian.org
Mon Sep 12 21:14:21 UTC 2005 

Author: joeyh
Date: 2005-09-12 21:14:17 +0000 (Mon, 12 Sep 2005)
New Revision: 1942

Modified:
   data/CAN/list
   data/CVE/list
Log:
automatic CAN database update

Modified: data/CAN/list
===================================================================
--- data/CAN/list	2005-09-12 20:15:08 UTC (rev 1941)
+++ data/CAN/list	2005-09-12 21:14:17 UTC (rev 1942)
@@ -348,7 +348,7 @@
 CAN-2005-2701
 	NOTE: reserved
 CAN-2005-2700 (ssl_engine_kernel.c in mod_ssl before 2.8.24, when using ...)
-	{DSA-805-1}
+	{DSA-807-1 DSA-805-1}
 	- libapache-mod-ssl 2.8.24-1 (medium)
 	- apache2 2.0.54-5 (bug #327210; medium)
 CAN-2005-2699 (admin/admin.php in PHPKit 1.6.1 allows remote authenticated ...)
@@ -1565,6 +1565,7 @@
 CAN-2005-2412 (PHP remote file inclusion vulnerability in block.php in PHP FirstPost ...)
 	NOTE: not-for-us (First Post)
 CAN-2005-2411 (Cross-Site Request Forgery (CSRF) vulnerability in tDiary 2.1.1, and ...)
+	{DSA-808-1}
 	- tdiary 2.0.2-1 (medium)
 CAN-2005-2410 (Format string vulnerability in the nm_info_handler function in Network ...)
 	NOTE: not-for-us (Network Manager)
@@ -11225,6 +11226,7 @@
 CAN-2004-1143 (The password generation in mailman before 2.1.5 generates only 5 ...)
 	- mailman 2.1.5-5
 CAN-2004-1142 (Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a ...)
+	{DSA-613-1}
 	- ethereal 0.10.8
 CAN-2004-1141 (The HTTP dissector in Ethereal 0.10.1 through 0.10.7 allows remote ...)
 	- ethereal 0.10.8
@@ -12501,9 +12503,9 @@
 CAN-2004-0596 (The Equalizer Load-balancer for serial network interfaces (eql.c) in ...)
 	NOTE: Fixed in upstream ( <= 2.6.7)
 CAN-2004-0595 (The strip_tags function in PHP 4.x up to 4.3.7, and 5.x up to ...)
-	{DSA-689-1 DSA-531}
+	{DSA-669-1 DSA-531}
 CAN-2004-0594 (The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to ...)
-	{DSA-689-1 DSA-531}
+	{DSA-669-1 DSA-531}
 CAN-2004-0593 (Sygate Enforcer 3.5MR1 and earlier passes broadcast traffic before ...)
 	NOTE: not-for-us (Sygate Enforcer)
 CAN-2004-0592

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2005-09-12 20:15:08 UTC (rev 1941)
+++ data/CVE/list	2005-09-12 21:14:17 UTC (rev 1942)
@@ -1,3 +1,6 @@
+CVE-2002-1412
+	{DSA-138}
+	TODO: check
 CVE-2004-0356
 	NOTE: not-for-us (windows mta)
 CVE-2004-0347

More information about the Secure-testing-commits mailing list