[Secure-testing-commits] r3760 - data/CVE
Joey Hess
joeyh at costa.debian.org
Thu Apr 6 09:14:32 UTC 2006
Author: joeyh
Date: 2006-04-06 09:14:25 +0000 (Thu, 06 Apr 2006)
New Revision: 3760
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-04-06 08:38:31 UTC (rev 3759)
+++ data/CVE/list 2006-04-06 09:14:25 UTC (rev 3760)
@@ -341,6 +341,7 @@
- hamlib <unfixed> (bug #358166; low)
[sarge] - hamlib <no-dsa> (Only exploitable with strange user name)
CVE-2006-1550 (Multiple buffer overflows in the xfig import code (xfig-import.c) in ...)
+ {DSA-1025-1}
- dia 0.94.0-18 (bug #360566)
CVE-2006-1498 (Cross-site scripting (XSS) vulnerability in MediaWiki before 1.5.8 and ...)
- mediawiki 1.4.15-1
@@ -3839,6 +3840,7 @@
RESERVED
- libimager-perl <unfixed> (bug #359661)
CVE-2006-0052 (The attachment scrubber (Scrubber.py) in Mailman 2.1.5 and earlier, ...)
+ {DSA-1027-1}
- mailman <unfixed> (bug #358892)
CVE-2006-0051 (Buffer overflow in playlistimport.cpp in Kaffeine Player 0.4.2 through ...)
{DSA-1023-1}
@@ -11702,7 +11704,7 @@
- poppler 0.4.0-1 (low)
- libextractor 0.5.8-1 (medium)
CVE-2005-2096 (zlib 1.2 and later versions allows remote attackers to cause a denial ...)
- {DSA-797-2 DSA-797-1 DSA-740-1}
+ {DSA-1026-1 DSA-797-2 DSA-797-1 DSA-740-1}
NOTE: Several packages ship embedded copies of zlib, there are a lot probably more
NOTE: Florian Weimer is doing a comprehensive audit using clamav
NOTE: to search for static zlib signatures in binaries in Debian
@@ -13041,7 +13043,7 @@
{DSA-760-1 DTSA-4-1}
- ekg 1:1.5+20050712+1.6rc2-1 (low)
CVE-2005-1849 (inftrees.h in zlib 1.2.2 allows remote attackers to cause a denial of ...)
- {DSA-797-2 DSA-797-1 DSA-763-1}
+ {DSA-1026-1 DSA-797-2 DSA-797-1 DSA-763-1}
NOTE: This is only contrib code not built in the binary packages AFAIK
- zlib 1:1.2.3-1 (low)
- zsync 0.4.1-1 (low)
More information about the Secure-testing-commits
mailing list