[Secure-testing-commits] r5062 - data/CVE
Moritz Muehlenhoff
jmm-guest at alioth.debian.org
Mon Dec 4 21:44:20 CET 2006
Author: jmm-guest
Date: 2006-12-04 21:44:18 +0100 (Mon, 04 Dec 2006)
New Revision: 5062
Modified:
data/CVE/list
Log:
no-dsa for kile
there seem to be two different squirrelmail issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-12-04 20:42:32 UTC (rev 5061)
+++ data/CVE/list 2006-12-04 20:44:18 UTC (rev 5062)
@@ -277,8 +277,7 @@
RESERVED
CVE-2006-6142 [squirrelmail XSS]
RESERVED
- - squirrelmail 2:1.4.9a-1 (unimportant)
- NOTE: Only exploitable with IE, needs (and has been) to be fixed there
+ - squirrelmail 2:1.4.9a-1
CVE-2006-6141 (Buffer overflow in Tftpd32 3.01 allows remote attackers to cause a ...)
NOT-FOR-US: Tftpd32
CVE-2006-6140 (PHP remote file inclusion vulnerability in Sisfo Kampus 2006 (Semarang ...)
@@ -403,7 +402,8 @@
CVE-2006-6086 (PHP remote file inclusion vulnerability in ark_inc.php in e-Ark 1.0 ...)
NOT-FOR-US: e-Ark
CVE-2006-6085 (Kile before 1.9.3 does not assign a backup file the same permissions ...)
- - kile 1:1.9.3-1
+ - kile 1:1.9.3-1 (low)
+ [sarge] - kile <no-dsa> (Minor issue)
CVE-2006-6084 (Directory traversal vulnerability in abitwhizzy.php in aBitWhizzy ...)
NOT-FOR-US: aBitWhizzy
CVE-2006-6083 (SQL injection vulnerability in search.asp in CreaScripts Creadirectory ...)
More information about the Secure-testing-commits
mailing list