[Secure-testing-commits] r5165 - data/CVE
Moritz Muehlenhoff
jmm-guest at alioth.debian.org
Sun Dec 24 14:10:22 CET 2006
Author: jmm-guest
Date: 2006-12-24 14:10:20 +0100 (Sun, 24 Dec 2006)
New Revision: 5165
Modified:
data/CVE/list
Log:
libflash not in sarge
chetcpasswd CVEfied
libarchive hardly a security issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-12-23 13:21:35 UTC (rev 5164)
+++ data/CVE/list 2006-12-24 13:10:20 UTC (rev 5165)
@@ -1,6 +1,5 @@
CVE-2006-XXXX [insecure rpath in libflash-mozplugin]
- libflash 0.4.13-9 (low; bug #399508)
- [sarge] - libflash <no-dsa> (minor issue)
CVE-2006-6697 (CRLF injection vulnerability in webapp/jsp/calendar.jsp in Oracle ...)
NOT-FOR-US: Oracle
CVE-2006-6696 (Double-free vulnerability in Microsoft Windows 2000, XP, 2003, and ...)
@@ -1830,10 +1829,6 @@
NOT-FOR-US: NuStore
CVE-2003-1308 (CRLF injection vulnerability in fvwm-menu-directory for fvwm 2.5.x ...)
- fvwm 2.5.10-1
-CVE-2006-XXXX [chetcpasswd multiple vulnerabilities]
- - chetcpasswd <unfixed> (bug #394454)
- NOTE: I've filed a removal bug, this doesn't have a security perspective
- NOTE: It's too buggy even for sid and was never part of stable or testing
CVE-2006-5884 (Multiple unspecified vulnerabilities in DirectAnimation ActiveX ...)
NOT-FOR-US: DirectAnimation ActiveX controls for Microsoft Internet Explorer
CVE-2006-5883 (Multiple cross-site scripting (XSS) vulnerabilities in cPanel 10 allow ...)
@@ -2281,7 +2276,7 @@
CVE-2006-5681 (QuickTime for Java on Mac OS X 10.4 through 10.4.8, when used with ...)
TODO: check
CVE-2006-5680 (The libarchive library in FreeBSD 6-STABLE after 2006-09-05 and before ...)
- - libarchive 1.3.1-1
+ - libarchive 1.3.1-1 (unimportant)
CVE-2006-5679 (Integer overflow in the ffs_mountfs function in FreeBSD 6.1 allows ...)
- kfreebsd-5 <unfixed>
[etch] - kfreebsd-5 <no-dsa> (no security support for freebsd)
More information about the Secure-testing-commits
mailing list