[Secure-testing-commits] r3807 - in data: CVE DSA

Moritz Muehlenhoff jmm-guest at costa.debian.org
Fri Apr 14 14:43:33 UTC 2006 

Author: jmm-guest
Date: 2006-04-14 14:43:24 +0000 (Fri, 14 Apr 2006)
New Revision: 3807

Modified:
   data/CVE/list
   data/DSA/list
Log:
new horde2 DSA
NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-04-14 13:00:35 UTC (rev 3806)
+++ data/CVE/list	2006-04-14 14:43:24 UTC (rev 3807)
@@ -1020,7 +1020,7 @@
 CVE-2006-1397 (Multiple cross-site scripting (XSS) vulnerabilities in (a) phpAdsNew ...)
 	NOT-FOR-US: phpAdsNew
 CVE-2005-4747 (Cross-site scripting (XSS) vulnerability in WebHost Automation Ltd ...)
-	TODO: check
+	NOT-FOR-US: WebHost Automation Ltd Helm
 CVE-2005-4746 (Multiple buffer overflows in FreeRADIUS 1.0.3 and 1.0.4 allow remote ...)
 	- freeradius 1.0.5-1
 CVE-2005-4745 (SQL injection vulnerability in the rlm_sqlcounter module in FreeRADIUS ...)
@@ -1494,21 +1494,21 @@
 CVE-2006-1193
 	RESERVED
 CVE-2006-1192 (Microsoft Internet Explorer 5.01 through 6 allows remote attackers to ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2006-1191 (Microsoft Internet Explorer 5.01 through 6 does not always correctly ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2006-1190 (Microsoft Internet Explorer 5.01 through 6 does not always return the ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2006-1189 (Unspecified vulnerability in Microsoft Internet Explorer 5.01 through ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2006-1188 (Microsoft Internet Explorer 5.01 through 6 allows remote attackers to ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2006-1187
 	RESERVED
 CVE-2006-1186 (Microsoft Internet Explorer 5.01 through 6 allows remote attackers to ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2006-1185 (Unspecified vulnerability in Microsoft Internet Explorer 5.01 through ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2006-1184
 	RESERVED
 CVE-2006-1183 (The Ubuntu 5.10 installer does not properly clear passwords from the ...)
@@ -1921,7 +1921,7 @@
 CVE-2006-0993
 	RESERVED
 CVE-2006-0992 (Stack-based buffer overflow in Novell GroupWise Messenger before 2.0 ...)
-	TODO: check
+	NOT-FOR-US: Novell GroupWise
 CVE-2006-0991 (Buffer overflow in the NetBackup Sharepoint Services server daemon ...)
 	NOT-FOR-US: Veritas NetBackup
 CVE-2006-0990 (Stack-based buffer overflow in the NetBackup Catalog daemon (bpdbm) in ...)
@@ -2004,7 +2004,7 @@
 CVE-2006-0952
 	RESERVED
 CVE-2006-0951 (The GUI (nod32.exe) in NOD32 2.5 runs with SYSTEM privileges when the ...)
-	TODO: check
+	NOT-FOR-US: NOD32
 CVE-2006-0950 (unalz 0.53 allows user-complicit attackers to overwrite arbitrary ...)
 	- unalz <unfixed> (bug #356832; medium)
 CVE-2006-0949 (RaidenHTTPD 1.1.47 allows remote attackers to obtain source code of ...)
@@ -2246,7 +2246,7 @@
 CVE-2006-0843 (Leif M. Wright's Blog 3.5 stores the config file and other txt files ...)
 	NOT-FOR-US: Leif M. Wright's Blog
 CVE-2006-0842 (Cross-site scripting (XSS) vulnerability in Calacode @Mail 4.3 allows ...)
-	TODO: check
+	NOT-FOR-US: Calacode @Mail
 CVE-2006-0841 (Multiple cross-site scripting (XSS) vulnerabilities in Mantis 1.00rc4 ...)
 	- mantis <unfixed>
 CVE-2006-0840 (manage_user_page.php in Mantis 1.00rc4 and earlier does not properly ...)

Modified: data/DSA/list
===================================================================
--- data/DSA/list	2006-04-14 13:00:35 UTC (rev 3806)
+++ data/DSA/list	2006-04-14 14:43:24 UTC (rev 3807)
@@ -1,3 +1,6 @@
+[14 Apr 2006] DSA-1034-1 horde2 - several vulnerabilities
+        {CVE-2006-1260 CVE-2006-1491}
+        [sarge] - horde2 2.2.8-1sarge2
 [12 Apr 2006] DSA-1033-1 horde3 - several vulnerabilities
         {CVE-2005-4190 CVE-2006-1260 CVE-2006-1491}
         [sarge] - horde3 3.0.4-4sarge3

More information about the Secure-testing-commits mailing list