[Secure-testing-commits] r4641 - data/CVE

Stefan Fritsch stef-guest at costa.debian.org
Sun Aug 27 18:53:42 UTC 2006 

Author: stef-guest
Date: 2006-08-27 18:53:39 +0000 (Sun, 27 Aug 2006)
New Revision: 4641

Modified:
   data/CVE/list
Log:
- libmusicbrainz-2.0, webmin removed
- CVE-2005-3098: qpopper not afected


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-08-27 18:33:27 UTC (rev 4640)
+++ data/CVE/list	2006-08-27 18:53:39 UTC (rev 4641)
@@ -282,7 +282,7 @@
 	NOT-FOR-US: Wheatblog
 CVE-2006-4197 (Multiple buffer overflows in libmusicbrainz (aka mb_client or ...)
 	- libmusicbrainz-2.1 2.1.4-1 (medium; bug #383030)
-	- libmusicbrainz-2.0 <unfixed> (medium; bug #383031)
+	- libmusicbrainz-2.0 <removed> (medium; bug #383031)
 CVE-2006-4196 (PHP remote file inclusion vulnerability in index.php in WEBInsta CMS ...)
 	NOT-FOR-US: WEBInsta CMS
 CVE-2006-4195 (PHP remote file inclusion vulnerability in param.peoplebook.php in the ...)
@@ -2090,7 +2090,7 @@
 CVE-2006-3393 (Papyrus NASCAR Racing 4 4.1.3.1.6 and earlier, 2002 Season 1.1.0.2 and ...)
 	NOT-FOR-US: Papyrus NASCAR Racing
 CVE-2006-3392 (Webmin before 1.290 and Usermin before 1.220 calls the simplify_path ...)
-	- webmin <unfixed> (medium; bug #381537)
+	- webmin <removed> (medium; bug #381537)
 CVE-2006-3391 (The Execute function in iMBCContents ActiveX Control before 2.0.0.59 ...)
 	NOT-FOR-US: iMBCContents
 CVE-2006-3390 (WordPress 2.0.3 allows remote attackers to obtain the installation ...)
@@ -14570,8 +14570,7 @@
 CVE-2005-3099 (Unspecified vulnerability in the (1) Xsun and (2) Xprt commands in ...)
 	NOT-FOR-US: Solaris
 CVE-2005-3098 (poppassd in Qualcomm qpopper 4.0.8 allows local users to modify ...)
-	- qpopper <unfixed> (bug #330123; unimportant)
-	NOTE: Vulnerable code does not seem to be shipped in the binary package
+	- qpopper <not-affected> (bug #330123; Vulnerable code not shipped in binary)
 CVE-2005-3097 (Directory traversal vulnerability in Avi Alkalay contribute.cgi (aka ...)
 	NOT-FOR-US: Avi Alkalay
 CVE-2005-3096 (Avi Alkalay nslookup.cgi program, dated 16 June 2002, allows remote ...)

More information about the Secure-testing-commits mailing list