[Secure-testing-commits] r4601 - data/CVE

Sat Aug 19 11:05:17 UTC 2006

Author: stef-guest
Date: 2006-08-19 11:05:15 +0000 (Sat, 19 Aug 2006)
New Revision: 4601

Modified:
   data/CVE/list
Log:
- libxfont fixed
- CVE-2006-4144 graphicsmagick fixed
- CVE-2006-4031 mysql-dfsg-5.0 fixed
- CVE-2006-3913 freeciv fixed
- CVE-2006-3468 linux-2.6.16 fixed


Modified: data/CVE/list
===================================================================

--- data/CVE/list	2006-08-18 18:36:01 UTC (rev 4600)
+++ data/CVE/list	2006-08-19 11:05:15 UTC (rev 4601)
@@ -243,14 +243,14 @@
 CVE-2006-4072 (Multiple SQL injection vulnerabilities in Club-Nuke [XP] 2.0 LCID 2048 ...)
 	TODO: check
 CVE-2006-XXXX [X PCF Integer Overflow Vulnerability]
-	- libxfont <unfixed> (medium; bug #383353)
+	- libxfont 1:1.2.0-2 (medium; bug #383353)
 	[sarge] - xfree86 <unfixed> (medium)
 CVE-2006-4144 (Integer overflow in the ReadSGIImage function in sgi.c in ImageMagick ...)
 	- imagemagick <unfixed> (medium; bug #383314)
-	- graphicsmagick <unfixed> (medium; bug #383333)
+	- graphicsmagick 1.1.7-7 (medium; bug #383333)
 CVE-2006-XXXX [libmusicbrainz buffer overflows]
-	- libmusicbrainz-2.1 (medium; bug #383030)
-	- libmusicbrainz-2.0 (medium; bug #383031)
+	- libmusicbrainz-2.1 <unfixed> (medium; bug #383030)
+	- libmusicbrainz-2.0 <unfixed> (medium; bug #383031)
 CVE-2006-XXXX [crash in the certificate verification logic]
 	NOTE: GNUTLS-SA-2006-2
 	- gnutls11 <unfixed> (medium)
@@ -340,7 +340,7 @@
 CVE-2006-4032 (Unspecified vulnerability in Cisco IOS CallManager Express (CME) ...)
 	NOT-FOR-US: Cisco
 CVE-2006-4031 (MySQL 4.1 before 4.1.21 and 5.0 before 5.0.24 allows a local user to ...)
-	- mysql-dfsg-5.0 <unfixed> (bug #382415; low)
+	- mysql-dfsg-5.0 5.0.24-1 (bug #382415; low)
 	- mysql-dfsg <unfixed> (low)
 CVE-2006-4030 (Unspecified vulnerability in the stats module in Gallery 1.5.1-RC2 and ...)
 	{DSA-1148-1}
@@ -596,7 +596,7 @@
 	NOT-FOR-US: Academic Suite
 CVE-2006-3913 (Buffer overflow in Freeciv 2.1.0-beta1 and earlier, and SVN 15 Jul ...)
 	{DSA-1142-1}
-	- freeciv <unfixed> (bug #381378; medium)
+	- freeciv 2.0.8-3 (bug #381378; medium)
 CVE-2006-3912 (Stack-based buffer overflow in the SFX module in WinRAR before 3.60 ...)
 	NOT-FOR-US: WinRAR
 CVE-2006-3911 (PHP remote file inclusion vulnerability in OSI Codes PHP Live! 3.2.1 ...)
@@ -1620,7 +1620,7 @@
 	- mysql-dfsg-5.0 5.0.22-1
 CVE-2006-3468 (Linux kernel 2.6.x, when using both NFS and EXT3, allows remote ...)
 	- linux-2.6 <unfixed>
-	- linux-2.6.16 <unfixed>
+	- linux-2.6.16 2.6.16-18
 CVE-2006-3467 (Integer overflow in FreeType before 2.2 allows remote attackers to ...)
 	- freetype 2.2.1-1 (bug #379920; medium)
 CVE-2006-3466


