[Secure-testing-commits] r4499 - data/CVE

Stefan Fritsch stef-guest at costa.debian.org
Fri Aug 4 16:40:24 UTC 2006 

Author: stef-guest
Date: 2006-08-04 16:40:22 +0000 (Fri, 04 Aug 2006)
New Revision: 4499

Modified:
   data/CVE/list
Log:
- ocp fixed
- bugnums
- apache XSS is probably "medium", not "low"

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-08-03 23:06:59 UTC (rev 4498)
+++ data/CVE/list	2006-08-04 16:40:22 UTC (rev 4499)
@@ -103,8 +103,8 @@
 CVE-2006-3919 (SQL injection vulnerability in index.php in SD Studio CMS allows ...)
 	TODO: check
 CVE-2006-3918 (http_protocol.c in (1) IBM HTTP Server 6.0 before 6.0.2.13 and 6.1 ...)
-	- apache2 <unfixed> (bug filed; low)
-	- apache <unfixed> (bug filed; low)
+	- apache2 <unfixed> (bug #381376; medium)
+	- apache <unfixed> (bug #381381; medium)
 CVE-2006-3917 (PHP remote file inclusion vulnerability in inc/gabarits.php in R. ...)
 	TODO: check
 CVE-2006-3916 (Cross-site scripting (XSS) vulnerability in snews.php in sNews (aka ...)
@@ -114,7 +114,7 @@
 CVE-2006-3914 (Cross-site scripting (XSS) vulnerability in Blackboard Academic Suite ...)
 	TODO: check
 CVE-2006-3913 (Buffer overflow in Freeciv 2.1.0-beta1 and earlier, and SVN 15 Jul ...)
-	- freeciv <unfixed> (bug filed; medium)
+	- freeciv <unfixed> (bug #381378; medium)
 CVE-2006-3912 (Stack-based buffer overflow in the SFX module in WinRAR before 3.60 ...)
 	NOT-FOR-US: WinRAR
 CVE-2006-3911 (PHP remote file inclusion vulnerability in OSI Codes PHP Live! 3.2.1 ...)
@@ -182,7 +182,7 @@
 CVE-2006-3880 (** DISPUTED ** ...)
 	TODO: check
 CVE-2006-3879 (Integer overflow in the loadChunk function in loaders/load_gt2.c in ...)
-	- libmikmod2 <unfixed> (bug filed)
+	- libmikmod2 <unfixed> (bug #381379)
 CVE-2006-3878 (Opsware Network Automation System (NAS) 6.0 installs /etc/init.d/mysql ...)
 	TODO: check
 CVE-2006-3877
@@ -271,7 +271,7 @@
 	- courier-authlib 0.58-3.1 (bug #378571; medium)
 	[sarge] - courier-authlib <not-affected> (bug #378571; medium)
 CVE-2006-XXXX [opencubicplayer buffer overflows]
-	- ocp (medium; bug #381098)
+	- ocp 0.1.10rc6-1 (medium; bug #381098)
 CVE-2006-XXXX [uqwk buffer overflow]
 	- uqwk 2.21-13 (bug #376577; medium)
 CVE-2006-XXXX [gjay buffer overrun]

More information about the Secure-testing-commits mailing list