[Secure-testing-commits] r3736 - data/CVE
Moritz Muehlenhoff
jmm-guest at costa.debian.org
Mon Apr 3 14:39:17 UTC 2006
Author: jmm-guest
Date: 2006-04-03 14:39:10 +0000 (Mon, 03 Apr 2006)
New Revision: 3736
Modified:
data/CVE/list
Log:
three more no-dsa
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-04-03 12:31:12 UTC (rev 3735)
+++ data/CVE/list 2006-04-03 14:39:10 UTC (rev 3736)
@@ -7578,6 +7578,7 @@
- flexbackup <unfixed> (bug #334350; low)
CVE-2005-XXXX [xscreensaver does not maintain screen locks during upgrade]
- xscreensaver 4.23-2 (bug #334193; low)
+ [sarge] - xscreensaver <no-dsa> (Unproblematic for users running stable)
CVE-2005-3185 (Stack-based buffer overflow in the ntlm_output function in http-ntlm.c ...)
- wget 1.10.2-1 (medium)
[sarge] - wget <not-affected> (Does not contain NTML authentication code)
@@ -7824,6 +7825,7 @@
- barrendero 1.1-1 (bug #279163)
CVE-2005-XXXX [hdup inproperly preserves permissions on directories]
- hdup <unfixed> (bug #302790; low)
+ [sarge] - hdup <no-dsa> (Mostly a bug, very limited security implications)
CVE-2001-XXXX [crypt++ passes passwords through the command line]
- crypt++el <unfixed> (bug #105562; low)
NOTE: Sarge and Woody are affected
@@ -7862,6 +7864,7 @@
- rkhunter 1.2.7-14 (bug #330627; medium)
CVE-2005-XXXX [fprobe-ng: Insecure default hash]
- fprobe-ng <unfixed> (bug #322699; low)
+ [sarge] - fprobe-ng <no-dsa> (Hardly exploitable)
CVE-2005-3104 (mt-comments.cgi in Movable Type before 3.2 allows attackers to ...)
NOT-FOR-US: Movable Type
CVE-2005-3103 (Cross-site scripting (XSS) vulnerability in Movable Type before 3.2 ...)
More information about the Secure-testing-commits
mailing list