[Secure-testing-commits] r3477 - in data: . CVE DSA

Moritz Muehlenhoff jmm-guest at costa.debian.org
Tue Feb 14 11:40:52 UTC 2006


Author: jmm-guest
Date: 2006-02-14 11:40:47 +0000 (Tue, 14 Feb 2006)
New Revision: 3477

Modified:
   data/CVE/list
   data/DSA/list
   data/embedded-code-copies
Log:
new xpdf issue
remove mydns dupe


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-02-14 09:47:16 UTC (rev 3476)
+++ data/CVE/list	2006-02-14 11:40:47 UTC (rev 3477)
@@ -806,8 +806,6 @@
 	- mediawiki <unfixed> (low)
 CVE-2005-4666 (Cross-site scripting (XSS) vulnerability in PHlyMail before 3.3 Beta1 ...)
 	NOT-FOR-US: PHlyMail
-CVE-2006-XXXX [mydns remote DoS]
-	- mydns 1.1.0+pre-3 (medium)
 CVE-2006-0353 (unix_random.c in lshd for lsh 2.0.1 leaks file descriptors related to ...)
 	{DSA-956-1}
 	- lsh-utils 2.0.1cdbs-4 (low; bug #349303)
@@ -3718,7 +3716,7 @@
 	- helix-player <unfixed> (unknown)
 	NOTE: http://service.real.com/help/faq/security/security111605.html
 CVE-2005-XXXX [maradns risk mitigation against AES side channel attacks by Shamir et al.]
-	- maradns 1.0.35-1
+	- maradns 1.0.35-1 (unimportant)
 CVE-2005-3731 (Unspecified vulnerability in yaSSL before 1.0.6 has unknown impact and ...)
 	NOT-FOR-US: yaSSL 
 CVE-2005-3730 (Multiple cross-site scripting (XSS) vulnerabilities in ...)

Modified: data/DSA/list
===================================================================
--- data/DSA/list	2006-02-14 09:47:16 UTC (rev 3476)
+++ data/DSA/list	2006-02-14 11:40:47 UTC (rev 3477)
@@ -1,3 +1,7 @@
+[14 Feb 2006] DSA-971-1 xpdf - buffer overflow
+        {CVE-2006-0301}
+        [sarge] - xpdf 3.00-13.5
+	NOTE: fixed in testing at time of DSA
 [14 Feb 2006] DSA-970-1 kronolith - missing input sanitising
         {CVE-2005-4189}
         [sarge] - kronolith 1.1.4-2sarge1

Modified: data/embedded-code-copies
===================================================================
--- data/embedded-code-copies	2006-02-14 09:47:16 UTC (rev 3476)
+++ data/embedded-code-copies	2006-02-14 11:40:47 UTC (rev 3477)
@@ -6,7 +6,7 @@
 gpdf
 pdftohtml
 kdegraphics/kpdf
-tetex-bin (the very latest tetex-bin started to use poppler)
+tetex-bin (links to poppler since 3.0-12)
 cupsys (only older releases, recent ones use xpdf-utils, it's still present in the src, though)
 poppler
 koffice




More information about the Secure-testing-commits mailing list