[Secure-testing-commits] r3803 - data/CVE

Fri Apr 14 10:01:26 UTC 2006

Author: jmm-guest
Date: 2006-04-14 10:01:15 +0000 (Fri, 14 Apr 2006)
New Revision: 3803

Modified:
   data/CVE/list
Log:
xscreensaver wasn't fully fixed in 4.16 (per vendor-sec)
4 new kernel issues
new xgzv issue
older wine issue unimportant


Modified: data/CVE/list
===================================================================

--- data/CVE/list	2006-04-14 09:25:15 UTC (rev 3802)
+++ data/CVE/list	2006-04-14 10:01:15 UTC (rev 3803)
@@ -309,7 +309,7 @@
 CVE-2005-4768 (SQL injection vulnerability in manage_account.php in Tux Racer TuxBank ...)
 	TODO: check
 CVE-2004-2655 (rdesktop 1.3.1 with xscreensaver 4.14, and possibly other versions, ...)
-	- xscreensaver 4.16-1 (low)
+	- xscreensaver 4.18-1 (low)
 CVE-2006-XXXX [linphone insecure password leakage]
 	- linphone <unfixed> (bug #361913)
 CVE-2006-1656 (vserver in util-vserver 0.30.209 executes a command as root when the ...)
@@ -628,12 +628,13 @@
 	RESERVED
 CVE-2006-1525
 	RESERVED
-CVE-2006-1524
+CVE-2006-1524 [kernel: tmpfs local data destruction]
 	RESERVED
+	- linux-2.6 <unfixed>
 CVE-2006-1523 (The __group_complete_signal function in the RCU signal handling ...)
-	TODO: check
+	- linux-2.6 <unfixed>
 CVE-2006-1522 (The sys_add_key function in the keyring code in Linux kernel 2.6.16.1 ...)
-	TODO: check
+	- linux-2.6 <unfixed>
 CVE-2006-1521
 	RESERVED
 CVE-2006-1520
@@ -1670,7 +1671,7 @@
 	[woody] - curl <not-affected> (Vulnerable code not present)
 	[sarge] - curl <not-affected> (Vulnerable code not present)
 CVE-2006-1060 (Heap-based buffer overflow in xzgv allows user-complicit attackers to ...)
-	TODO: check
+	- xzgv <unfixed> (bug #362288; medium)
 CVE-2006-1059 (The winbindd daemon in Samba 3.0.21 to 3.0.21c writes the machine ...)
 	- samba 3.0.22-1
 	[woody] - samba <not-affected>
@@ -2347,8 +2348,9 @@
 	- xorg-x11 6.9.0.dfsg.1-5 (bug #360388; medium)
 	- xorg-server 1:1.0.2-1
 	- xfree86 <not-affected>
-CVE-2006-0744
+CVE-2006-0744 [x86_64: When user could have changed RIP always force IRET]
 	RESERVED
+	- linux-2.6 <unfixed>
 CVE-2006-0743 (Format string vulnerability in LocalSyslogAppender in Apache log4net ...)
 	NOT-FOR-US: Log4Net
 CVE-2006-0742 (The die_if_kernel function in arch/ia64/kernel/unaligned.c in Linux ...)
@@ -10532,7 +10534,8 @@
 CVE-2001-1573 (Buffer overflow in smtpscan.dll for Trend Micro InterScan VirusWall ...)
 	NOT-FOR-US: Trend Micro InterScan VirusWall
 CVE-2005-XXXX [wine: Unsafe use of temporary files in winelauncher]
-	- wine 0.0.20050830-1 (bug #321470; low)
+	- wine 0.0.20050830-1 (bug #321470; unimportant)
+	NOTE: Not shipped in binary package
 CVE-2005-XXXX [DoS to users to prevent usage of showpartial through _hard_ links]
 	- metamail 2.7-48 (bug #321473; low)
 	[sarge] - metamail <no-dsa> (Hardly exploitable, minor Dos)
@@ -11054,10 +11057,8 @@
 CVE-2004-2265 (UUDeview 0.5.20 and earlier handles temporary files insecurely during ...)
 	- uudeview <unfixed> (bug #320541; medium)
 	NOTE: uudeview apparetly not vulnerable, unsafe code is not called (#358500)
-	TODO: check libconvert-uulib-perl, Florian Weimer is looking at libconvert-uulib-perl
-	TODO: Check, to which extent #242999 applies (there might be more?)
 CVE-2004-2264 (** DISPUTED ** ...)
-	NOTE: less is not suid, explotability unlikely
+	- less <not-affected> (less is not suid, explotability unlikely)
 CVE-2004-2263 (SQL injection vulnerability in the valid function in fr_left.php in ...)
 	NOT-FOR-US: PlaySMS
 CVE-2004-2262 (ImageManager in e107 before 0.617 does not properly check the types of ...)


