[Secure-testing-commits] r5184 - data/CVE

Moritz Muehlenhoff jmm-guest at alioth.debian.org
Wed Dec 27 20:31:27 CET 2006 

Author: jmm-guest
Date: 2006-12-27 20:31:25 +0100 (Wed, 27 Dec 2006)
New Revision: 5184

Modified:
   data/CVE/list
Log:
new abiword issue for sarge, etch not yet checked
new viewvc issue
bugnums


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-12-27 19:07:20 UTC (rev 5183)
+++ data/CVE/list	2006-12-27 19:31:25 UTC (rev 5184)
@@ -2,7 +2,7 @@
 	- openser 1.1.0-8 (medium; bug #404591)
 	NOTE: OpenPKG-SA-2006.042
 CVE-2006-XXXX [w3m format string issue]
-	- w3m 0.5.1-5.1 (low)
+	- w3m 0.5.1-5.1 (low; bug #404564)
 	TODO: Check w3mee, is this forked version still needed?
 CVE-2006-XXXX [insecure rpath in libflash-mozplugin]
 	- libflash 0.4.13-9 (low; bug #399508)
@@ -1984,7 +1984,7 @@
 CVE-2006-5864 (Stack-based buffer overflow in the ps_gettext function in ps.c for GNU ...)
 	{DSA-1214}
 	- gv 1:3.6.2-2 (medium; bug #398292)
-	- evince 0.4.0-3 (medium; bug #400904)
+	- evince 0.4.0-3 (medium; bug #400904; bug #400906; bug #402063)
 CVE-2006-5818 (Multiple buffer overflows in tunekrnl in IBM Lotus Domino 6.x before ...)
 	NOT-FOR-US: Lotus Domino 
 CVE-2006-5817 (prl_dhcpd in Parallels Desktop for Mac Build 1940 uses insecure ...)
@@ -2838,7 +2838,7 @@
 CVE-2006-5443 (Unspecified vulnerability in XIAO Gang WWW Interactive Mathematics ...)
 	- wims 3.60-1 (bug #395102)
 CVE-2006-5442 (ViewVC 1.0.2 and earlier does not specify a charset in its HTTP ...)
-	NOT-FOR-US: ViewVC viewcvs
+	- viewvc <unfixed> (medium; #397669)
 CVE-2006-5441 (PHP remote file inclusion vulnerability in adminfoot.php in Comdev Web ...)
 	NOT-FOR-US: Comdev Web Blogger
 CVE-2006-5440 (PHP remote file inclusion vulnerability in adminfoot.php in Comdev ...)
@@ -4874,6 +4874,8 @@
 	- libgsf 1.14.2-1
 CVE-2006-4513 (Multiple integer overflows in the WV library in wvWare (formerly ...)
 	- wv 1.2.4-1 (bug #396256; medium)
+	TODO: The maintainer tagged it Sarge, check, when this was fixed in etch/sid
+	[sarge] - abiword <unfixed> (bug #396360)
 CVE-2006-4512
 	RESERVED
 CVE-2006-4511 (Messenger Agents (nmma.exe) in Novell GroupWise 2.0.2 and 1.0.6 allows ...)

More information about the Secure-testing-commits mailing list