[Secure-testing-commits] r5179 - data/CVE

Moritz Muehlenhoff jmm-guest at alioth.debian.org
Tue Dec 26 13:15:48 CET 2006 

Author: jmm-guest
Date: 2006-12-26 13:15:46 +0100 (Tue, 26 Dec 2006)
New Revision: 5179

Modified:
   data/CVE/list
Log:
record correct fix for typo3
moodle already fixed per maintainer
dbus issue just an unimportant local annoyance bug
gaim-encryption no-dsa


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-12-26 08:14:19 UTC (rev 5178)
+++ data/CVE/list	2006-12-26 12:15:46 UTC (rev 5179)
@@ -16,7 +16,7 @@
 CVE-2006-6691 (Multiple PHP remote file inclusion vulnerabilities in Valdersoft ...)
 	NOT-FOR-US: Valdersoft Shopping Cart
 CVE-2006-6690 (rtehtmlarea/pi1/class.tx_rtehtmlarea_pi1.php in Typo3 4.0.0 through ...)
-	- typo3 4.0.4+debian-1 (high; bug #403906)
+	- typo3 4.0.2+debian-2 (high; bug #403906)
 	NOTE: http://typo3.org/news-single-view/?tx_newsimporter_pi1%5BshowItem%5D=0&cHash=e4a40a11a9
 CVE-2006-6689 (Multiple PHP remote file inclusion vulnerabilities in Paristemi 0.8.3 ...)
 	NOT-FOR-US: Paristemi
@@ -176,7 +176,7 @@
 	- moodle 1.6-1
 	NOTE: Does not affect moodle 1.6 according to SecurityFocus.
 CVE-2006-6625 (Cross-site scripting (XSS) vulnerability in mod/forum/discuss.php in ...)
-	- moodle <unfixed> (low)
+	- moodle 1.6.3-2 (low)
 	NOTE: "SC#341 fixed initilaization of navtail variable"
 	NOTE: http://moodle.cvs.sourceforge.net/moodle/moodle/mod/forum/discuss.php?view=log
 CVE-2006-6624 (The FTP Server in Sambar Server 6.4 allows remote authenticated users ...)
@@ -1363,7 +1363,8 @@
 CVE-2006-6108 (Cross-site scripting (XSS) vulnerability in EC-CUBE before 1.0.1a-beta ...)
 	NOT-FOR-US: EC-CUBE
 CVE-2006-6107 (Unspecified vulnerability in the match_rule_equal function in ...)
-	- dbus 1.0.2-1
+	- dbus 1.0.2-1 (low)
+	[sarge] - dbus <no-dsa> (Minor issue)
 CVE-2006-6106 (Multiple buffer overflows in the cmtp_recv_interopmsg function in the ...)
 	- linux-2.6 <unfixed>
 CVE-2006-6105 (Format string vulnerability in the host chooser window (gdmchooser) in ...)
@@ -14466,7 +14467,8 @@
 CVE-2005-4694 (Unspecified vulnerability in the www_add method in Asset.pm in Plain ...)
 	- webgui <itp> (bug #139749)
 CVE-2005-4693 (Gaim-Encryption 2.38-1 on Debian Linux allows remote attackers to ...)
-	- gaim-encryption 3.0~beta5-3 (bug #337127)
+	- gaim-encryption 3.0~beta5-3 (log; bug #337127)
+	[sarge] - gaim-encryption <no-dsa> (Minor issue)
 CVE-2005-4692 (Unspecified vulnerability in mroovca stats (mroovcastats) before ...)
 	NOT-FOR-US: mroovca
 CVE-2005-4691 (imake in NetBSD before 2.0.3, NetBSD-current before 12 September 2005, ...)

More information about the Secure-testing-commits mailing list