[Secure-testing-commits] r3778 - data/CVE

Joey Hess joeyh at costa.debian.org
Sat Apr 8 21:14:33 UTC 2006 

Author: joeyh
Date: 2006-04-08 21:14:25 +0000 (Sat, 08 Apr 2006)
New Revision: 3778

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-04-08 18:30:08 UTC (rev 3777)
+++ data/CVE/list	2006-04-08 21:14:25 UTC (rev 3778)
@@ -1899,6 +1899,7 @@
 CVE-2006-0807 (Stack-based buffer overflow in NJStar Chinese and Japanese Word ...)
 	NOT-FOR-US: NJStar
 CVE-2006-0806 (Multiple cross-site scripting (XSS) vulnerabilities in ADOdb 4.71 ...)
+	{DSA-1031-1 DSA-1030-1 DSA-1029-1}
 	- libphp-adodb 4.72-0.1 (bug #358872; medium)
 	- moodle <unfixed> (bug #360396; medium)
 CVE-2006-0805 (The CAPTCHA functionality in php-Nuke 6.0 through 7.9 uses fixed ...)
@@ -2896,6 +2897,7 @@
 CVE-2006-0411 (claro_init_local.inc.php in Claroline 1.7.2 uses guessable session ...)
 	NOT-FOR-US: Claroline
 CVE-2006-0410 (SQL injection vulnerability in ADOdb before 4.71, when using ...)
+	{DSA-1031-1 DSA-1030-1 DSA-1029-1}
 	- libphp-adodb 4.72-0.1 (bug #349985; medium)
 	- moodle <unfixed> (bug #360395; medium)
 CVE-2006-0409 (Cross-site scripting (XSS) vulnerability in index.php in Pixelpost ...)
@@ -3545,7 +3547,7 @@
 CVE-2006-0152 (Cross-site scripting (XSS) in search_result.php in phpChamber 1.2 and ...)
 	NOT-FOR-US: phpChamber
 CVE-2006-0151 (sudo 1.6.8 and other versions does not clear the PYTHONINSPECT ...)
-	{DSA-946-1}
+	{DSA-946-2}
 	- sudo 1.6.8p12-1 (medium)
 	NOTE: The whole black list approach is flawed, for the DSA we'll switch to
 	NOTE: a white list approach of known to be safe env vars.
@@ -3557,8 +3559,10 @@
 CVE-2006-0148 (NetSarang Xlpd 2.1 allows remote attackers to cause a denial of ...)
 	NOT-FOR-US: NetSarang Xlpd
 CVE-2006-0147 (Dynamic code evaluation vulnerability in tests/tmssql.php test script ...)
+	{DSA-1031-1 DSA-1030-1 DSA-1029-1}
 	- libphp-adodb 4.72-0.1 (medium; bug #349985)
 CVE-2006-0146 (The server.php test script in ADOdb for PHP before 4.70, as used in ...)
+	{DSA-1031-1 DSA-1030-1 DSA-1029-1}
 	- libphp-adodb 4.72-0.1 (medium; bug #349985)
 CVE-2006-0145 (The kernfs_xread function in kernfs in NetBSD 1.6 through 2.1, and ...)
 	NOT-FOR-US: NetBSD
@@ -3899,6 +3903,7 @@
 	- graphicsmagick 1.1.7-1
 CVE-2006-0053 [libimager-perl DoS]
 	RESERVED
+	{DSA-1028-1}
 	- libimager-perl 5.0-1 (bug #359661)
 CVE-2006-0052 (The attachment scrubber (Scrubber.py) in Mailman 2.1.5 and earlier, ...)
 	{DSA-1027-1}
@@ -4869,7 +4874,7 @@
 CVE-2005-4159 (** DISPUTED ** ...)
 	NOT-FOR-US: Simple Machines Forum
 CVE-2005-4158 (Sudo before 1.6.8 p12, when the Perl taint flag is off, does not clear ...)
-	{DSA-946-1}
+	{DSA-946-2}
 	- sudo 1.6.8p12-1 (bug #342948; medium)
 CVE-2005-4157 (Unspecified vulnerability in Kerio WinRoute Firewall before 6.1.3 ...)
 	NOT-FOR-US: Kerio Firewall

More information about the Secure-testing-commits mailing list