[Secure-testing-commits] r3753 - in data: . CVE DSA

Moritz Muehlenhoff jmm-guest at costa.debian.org
Wed Apr 5 10:19:35 UTC 2006 

Author: jmm-guest
Date: 2006-04-05 10:19:28 +0000 (Wed, 05 Apr 2006)
New Revision: 3753

Modified:
   data/CVE/list
   data/DSA/list
   data/ID_pending
Log:
new kaffeine DSA
amaya rpath not in Sarge
remove another issue not worth tracking


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-04-05 08:20:25 UTC (rev 3752)
+++ data/CVE/list	2006-04-05 10:19:28 UTC (rev 3753)
@@ -1229,6 +1229,7 @@
 	NOT-FOR-US: Kwik-Pay Payroll
 CVE-2005-4728 (Untrusted search path vulnerability (RPATH) in amaya 9.2.1 on Debian ...)
 	- amaya 9.4-1 (bug #341424)
+	[sarge] - amaya <not-affected> (The Sarge version doesn't have an rpath set)
 CVE-2006-1319 (chpst in runit 1.3.3-1 for Debian GNU/Linux, when compiled on little ...)
 	- runit <unfixed> (bug #356016; medium)
 	[sarge] - runit <not-affected>
@@ -14783,11 +14784,9 @@
 	RESERVED
 	NOTE: have not checked to see which security holes are in it exactly
 	- nvu <unfixed> (bug #306822; medium)
-CVE-2005-XXXX [eskuel: arbitrary file retrieving]
-	- eskuel 1.0.5-3.1 (bug #307270; low)
-CVE-2005-2356 [eskuel: No authentication at all]
+CVE-2005-2356
 	RESERVED
-	- eskuel <unfixed> (bug #163653; low)
+	NOTE: This was assigned to an eskuel non-issue before due to Red Hat typos
 CVE-2005-XXXX [Buffer overflow in elog's header buffer]
 	- elog 2.5.7+r1558-3 (bug #349528; high)
 CVE-2005-XXXX [Unspeficied security issue in ipsec-tool's single DES support]

Modified: data/DSA/list
===================================================================
--- data/DSA/list	2006-04-05 08:20:25 UTC (rev 3752)
+++ data/DSA/list	2006-04-05 10:19:28 UTC (rev 3753)
@@ -1,3 +1,6 @@
+[05 Apr 2006] DSA-1023-1 kaffeine - buffer overflow
+	{CVE-2006-0051}
+	[sarge] - kaffeine 0.6-1sarge1
 [04 Apr 2006] DSA-1022-1 storebackup - several
 	{CVE-2005-3146 CVE-2005-3147 CVE-2005-3148}
 	[sarge] - storebackup 1.18.4-2sarge1

Modified: data/ID_pending
===================================================================
--- data/ID_pending	2006-04-05 08:20:25 UTC (rev 3752)
+++ data/ID_pending	2006-04-05 10:19:28 UTC (rev 3753)
@@ -337,8 +337,6 @@
 	- xtradius 1.2.1-beta2-2 (bug #307796; unimportant)
 CVE-2005-XXXX [fai tempfile vulnerability]
 	- fai 2.8.2
-CVE-2005-XXXX [eskuel: arbitrary file retrieving]
-	- eskuel 1.0.5-3.1 (bug #307270; low)
 CVE-2005-XXXX [Buffer overflow in elog's header buffer]
 	- elog 2.5.7+r1558-3 (bug #349528; high)
 CVE-2005-XXXX [Unspeficied security issue in ipsec-tool's single DES support]

More information about the Secure-testing-commits mailing list