[Secure-testing-commits] r3477 - in data: . CVE DSA
Moritz Muehlenhoff
jmm-guest at costa.debian.org
Tue Feb 14 11:40:52 UTC 2006
Author: jmm-guest
Date: 2006-02-14 11:40:47 +0000 (Tue, 14 Feb 2006)
New Revision: 3477
Modified:
data/CVE/list
data/DSA/list
data/embedded-code-copies
Log:
new xpdf issue
remove mydns dupe
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-02-14 09:47:16 UTC (rev 3476)
+++ data/CVE/list 2006-02-14 11:40:47 UTC (rev 3477)
@@ -806,8 +806,6 @@
- mediawiki <unfixed> (low)
CVE-2005-4666 (Cross-site scripting (XSS) vulnerability in PHlyMail before 3.3 Beta1 ...)
NOT-FOR-US: PHlyMail
-CVE-2006-XXXX [mydns remote DoS]
- - mydns 1.1.0+pre-3 (medium)
CVE-2006-0353 (unix_random.c in lshd for lsh 2.0.1 leaks file descriptors related to ...)
{DSA-956-1}
- lsh-utils 2.0.1cdbs-4 (low; bug #349303)
@@ -3718,7 +3716,7 @@
- helix-player <unfixed> (unknown)
NOTE: http://service.real.com/help/faq/security/security111605.html
CVE-2005-XXXX [maradns risk mitigation against AES side channel attacks by Shamir et al.]
- - maradns 1.0.35-1
+ - maradns 1.0.35-1 (unimportant)
CVE-2005-3731 (Unspecified vulnerability in yaSSL before 1.0.6 has unknown impact and ...)
NOT-FOR-US: yaSSL
CVE-2005-3730 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
Modified: data/DSA/list
===================================================================
--- data/DSA/list 2006-02-14 09:47:16 UTC (rev 3476)
+++ data/DSA/list 2006-02-14 11:40:47 UTC (rev 3477)
@@ -1,3 +1,7 @@
+[14 Feb 2006] DSA-971-1 xpdf - buffer overflow
+ {CVE-2006-0301}
+ [sarge] - xpdf 3.00-13.5
+ NOTE: fixed in testing at time of DSA
[14 Feb 2006] DSA-970-1 kronolith - missing input sanitising
{CVE-2005-4189}
[sarge] - kronolith 1.1.4-2sarge1
Modified: data/embedded-code-copies
===================================================================
--- data/embedded-code-copies 2006-02-14 09:47:16 UTC (rev 3476)
+++ data/embedded-code-copies 2006-02-14 11:40:47 UTC (rev 3477)
@@ -6,7 +6,7 @@
gpdf
pdftohtml
kdegraphics/kpdf
-tetex-bin (the very latest tetex-bin started to use poppler)
+tetex-bin (links to poppler since 3.0-12)
cupsys (only older releases, recent ones use xpdf-utils, it's still present in the src, though)
poppler
koffice
More information about the Secure-testing-commits
mailing list