[Secure-testing-commits] r5059 - data/CVE

Stefan Fritsch stef-guest at alioth.debian.org
Mon Dec 4 20:49:17 CET 2006 

Author: stef-guest
Date: 2006-12-04 20:49:15 +0100 (Mon, 04 Dec 2006)
New Revision: 5059

Modified:
   data/CVE/list
Log:
- new ruby issue fixed
- new squirrelmail not-really-an-issue fixed
- gnupg2 fixed
- dhcp fixed


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-12-04 08:14:14 UTC (rev 5058)
+++ data/CVE/list	2006-12-04 19:49:15 UTC (rev 5059)
@@ -1,3 +1,8 @@
+CVE-2006-XXXX [squirrelmail XSS on MSIE <=5]
+	- squirrelmail 2:1.4.9a-1 (unimportant)
+CVE-2006-XXXX [DoS in ruby cgi.rb]
+	- ruby1.8 1.8.5-4 (low)
+	TODO: check other ruby versions
 CVE-2006-6273 (sp_index.php in Simple PHP Gallery 1.1 allows remote attackers to ...)
 	TODO: check
 CVE-2006-6272 (Cross-site scripting (XSS) vulnerability in sp_index.php in Simple PHP ...)
@@ -299,7 +304,7 @@
 	NOTE: NOT-FOR-US (Apple Mac OS X)
 CVE-2006-6169 (Heap-based buffer overflow in the ask_outfile_name function in ...)
 	- gnupg 1.4.5-3 (medium)
-	- gnupg2 <unfixed> (medium; bug #400777)
+	- gnupg2 2.0.0-5.1 (medium; bug #400777)
 CVE-2006-XXXX [several security issues in phpmyadmin]
 	- phpmyadmin 4:2.9.1.1-1 (bug #399329)
 	NOTE: PMASA-2006-7, PMASA-2006-8, PMASA-2006-9
@@ -427,7 +432,7 @@
 CVE-2006-6072 (SQL injection vulnerability in bpg/publications_list.asp in ...)
 	NOT-FOR-US: BPG-InfoTech Easy Publisher
 CVE-2006-6071 (TWiki 4.0.5 and earlier, when running under Apache 1.3 using ...)
-	- twiki 1:4.0.5-2 (bug #401303)
+	- twiki 1:4.0.5-2 (bug #401303; low)
 CVE-2006-6070 (SQL injection vulnerability in module/account/register/register.asp in ...)
 	NOT-FOR-US: ASP Nuke
 CVE-2006-6069 (index.php in mAlbum 0.3 and earlier allows remote attackers to obtain ...)
@@ -6980,7 +6985,7 @@
 	- cfs 1.4.1-17
 CVE-2006-3122 (The supersede_lease function in memory.c in ISC DHCP (dhcpd) server ...)
 	{DSA-1143-1}
-	- dhcp <unfixed> (bug #380273)
+	- dhcp 2.0pl5-19.5 (bug #380273)
 CVE-2006-3121 (The peel_netstring function in cl_netstring.c in the heartbeat ...)
 	{DSA-1151-1}
 	- heartbeat-2 2.0.6-2

More information about the Secure-testing-commits mailing list