[Secure-testing-commits] r5136 - data/CVE

Stefan Fritsch stef-guest at alioth.debian.org
Sun Dec 17 17:09:51 CET 2006 

Author: stef-guest
Date: 2006-12-17 17:09:49 +0100 (Sun, 17 Dec 2006)
New Revision: 5136

Modified:
   data/CVE/list
Log:
- new moodle issue fixed
- new znc issue fixed (medium)
- new tdiary issue (fixed in experimental, medium)
- lha fixed


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-12-17 15:41:04 UTC (rev 5135)
+++ data/CVE/list	2006-12-17 16:09:49 UTC (rev 5136)
@@ -1,3 +1,9 @@
+CVE-2006-XXXX [moodle unspecified security bug in the forum module (discuss.php)]
+	- moodle 1.6.3-2
+CVE-2006-XXXX [znc file access security hole]
+	- znc 0.045-3 (bug #403141; medium)
+CVE-2006-XXXX [tdiary arbitrary code execution]
+	- tdiary 2.1.4-6 (bug #403345; medium)
 CVE-2006-6573 (Unspecified vulnerability in Citrix Access Gateway 4.5 Advanced ...)
 	TODO: check
 CVE-2006-6572 (Unspecified vulnerability in Citrix Advanced Access Control (AAC) ...)
@@ -4864,13 +4870,13 @@
 CVE-2006-4338 (unlzh.c in the LHZ component in gzip 1.3.5 allows context-dependent ...)
 	{DSA-1181-1}
 	- gzip 1.3.5-15 (medium)
-	- lha <unfixed> (medium; bug #401301)
+	- lha 1.14i-10.1 (medium; bug #401301)
 	[sarge] - lha <no-dsa> (Non-free not supported)
 	[etch] - lha <no-dsa> (Non-free not supported)
 CVE-2006-4337 (Buffer overflow in the make_table function in the LHZ component in ...)
 	{DSA-1181-1}
 	- gzip 1.3.5-15 (high)
-	- lha <unfixed> (high; bug #401301)
+	- lha 1.14i-10.1 (high; bug #401301)
 	[sarge] - lha <no-dsa> (Non-free not supported)
 	[etch] - lha <no-dsa> (Non-free not supported)
 CVE-2006-4336 (Buffer underflow in the build_tree function in unpack.c in gzip 1.3.5 allows ...)
@@ -4879,7 +4885,7 @@
 CVE-2006-4335 (Array index error in the make_table function in unlzh.c in the LZH ...)
 	{DSA-1181-1}
 	- gzip 1.3.5-15 (high)
-	- lha <unfixed> (high; bug #401301)
+	- lha 1.14i-10.1 (high; bug #401301)
 	[sarge] - lha <no-dsa> (Non-free not supported)
 	[etch] - lha <no-dsa> (Non-free not supported)
 CVE-2006-4334 (Unspecified vulnerability in gzip 1.3.5 allows context-dependent ...)

More information about the Secure-testing-commits mailing list