[Secure-testing-commits] r3808 - data/CVE

Stefan Fritsch stef-guest at costa.debian.org
Fri Apr 14 20:47:11 UTC 2006 

Author: stef-guest
Date: 2006-04-14 20:47:04 +0000 (Fri, 14 Apr 2006)
New Revision: 3808

Modified:
   data/CVE/list
Log:
we have three versions of gnutls in sid, only one is fixed
xmame fixed


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-04-14 14:43:24 UTC (rev 3807)
+++ data/CVE/list	2006-04-14 20:47:04 UTC (rev 3808)
@@ -1,15 +1,15 @@
 CVE-2006-XXXX [two amaya buffer overflows]
 	- amaya <unfixed> (bug #362575)
 CVE-2006-1789 (Directory traversal vulnerability in pajax_call_dispatcher.php in ...)
-	TODO: check
+	NOT-FOR-US: pajax
 CVE-2006-1788 (Adobe Document Server for Reader Extensions 6.0, during log on, ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2006-1787 (Adobe Document Server for Reader Extensions 6.0 includes a user's ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2006-1786 (Cross-site scripting (XSS) vulnerability in Adobe Document Server for ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2006-1785 (Adobe Document Server for Reader Extensions 6.0 allows remote ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2006-1784 (PHP remote file inclusion vulnerability in admin/configset.php in ...)
 	TODO: check
 CVE-2006-1783 (Cross-site scripting (XSS) vulnerability in PatroNet CMS allows remote ...)
@@ -2692,7 +2692,9 @@
 	{DSA-986-1 DSA-985-1}
 	- libtasn1-2 <unfixed> (bug #352182)
 	NOTE: upload of 0.3.1-1 was reverted in 1:0.2.17-2 because of soname change
-	- gnutls <unfixed>
+	- gnutls13 1.3.5-1
+	- gnutls12 <unfixed>
+	- gnutls11 <unfixed>
 CVE-2005-4715 (Multiple SQL injection vulnerabilities in modules.php in PHP-Nuke 7.8, ...)
 	NOT-FOR-US: PHP-Nuke
 CVE-2005-4714 (Format string vulnerability in the vmps_log function in OpenVMPS (VLAN ...)
@@ -3907,7 +3909,7 @@
 CVE-2006-0177 (Multiple buffer overflows in Cray UNICOS 9.0.2.2 might allow local ...)
 	NOT-FOR-US: Cray UNICOS
 CVE-2006-0176 (Buffer overflow in certain functions in src/fileio.c and ...)
-	- xmame <unfixed> (medium; bug #349653)
+	- xmame 0.104-1 (medium; bug #349653)
 	NOTE: Only xmame-svgalib is vulnerable, the xmame-x package has a debconf
 	NOTE: question, that makes it very clear that setuid root is only for single-user
 	NOTE: systems and xmame-sdl and xmess aren't setuid at all

More information about the Secure-testing-commits mailing list