[Secure-testing-commits] r3758 - in data: CVE DSA

Moritz Muehlenhoff jmm-guest at costa.debian.org
Thu Apr 6 07:50:56 UTC 2006


Author: jmm-guest
Date: 2006-04-06 07:50:46 +0000 (Thu, 06 Apr 2006)
New Revision: 3758

Modified:
   data/CVE/list
   data/DSA/list
Log:
sash and dia DSAs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-04-05 21:14:23 UTC (rev 3757)
+++ data/CVE/list	2006-04-06 07:50:46 UTC (rev 3758)
@@ -457,11 +457,11 @@
 CVE-2006-1436
 	RESERVED
 CVE-2006-1435 (Cross-site scripting (XSS) vulnerability in genmessage.php in ...)
-	TODO: check
+	NOT-FOR-US: Accounting Receiving and Inventory Administration (ARIA), different from debian aria
 CVE-2006-1434 (Cross-site scripting (XSS) vulnerability in inscription.php in ...)
-	TODO: check
+	NOT-FOR-US: Annuaire (Directory)
 CVE-2006-1433 (Annuaire (Directory) 1.0 allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: Annuaire (Directory)
 CVE-2006-1432 (fusionZONE couponZONE 4.2 allows remote attackers to obtain the full ...)
 	NOT-FOR-US: fusionZONE couponZONE
 CVE-2006-1431 (Cross-site scripting (XSS) vulnerability in local.cfm in fusionZONE ...)

Modified: data/DSA/list
===================================================================
--- data/DSA/list	2006-04-05 21:14:23 UTC (rev 3757)
+++ data/DSA/list	2006-04-06 07:50:46 UTC (rev 3758)
@@ -1,3 +1,11 @@
+[06 Jan 2006] DSA-1026-1 sash - buffer overflows
+        {CVE-2005-1849 CVE-2005-2096}
+	[woody] - sash <not-affected> (Older zlib not vulnerable)
+	[sarge] - sash 3.7-5sarge1
+[06 Jan 2006] DSA-1025-1 dia - programming error
+        {CVE-2006-1550}
+	[woody] - dia 0.88.1-3woody1
+	[sarge] - dia 0.94.0-7sarge3
 [05 Jan 2006] DSA-1024-1 clamav - heap overflow
         {CVE-2006-1614 CVE-2006-1615 CVE-2006-1630}
 	[sarge] - clamav 0.84-2.sarge.8




More information about the Secure-testing-commits mailing list