[Secure-testing-commits] r3545 - in data: CVE DSA

[Moritz Muehlenhoff]

Author: jmm-guest
Date: 2006-02-28 14:47:47 +0000 (Tue, 28 Feb 2006)
New Revision: 3545

Modified:
   data/CVE/list
   data/DSA/list
Log:
three new DSA
no-dsa for obscure MIT kerberos info leaks


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-02-26 21:53:35 UTC (rev 3544)
+++ data/CVE/list	2006-02-28 14:47:47 UTC (rev 3545)
@@ -16057,7 +16057,11 @@
 CVE-2005-0488 (Certain BSD-based Telnet clients, including those used on Solaris and ...)
 	TODO: check heimdal, netkit-telnet-ssl
 	- krb4 <unfixed> (low)
+	[woody] - krb4 <no-dsa> (Documented behaviour in MIT Kerberos)
+	[sarge] - krb4 <no-dsa> (Documented behaviour in MIT Kerberos)
 	- krb5 <unfixed> (low)
+	[woody] - krb5 <no-dsa> (Documented behaviour in MIT Kerberos)
+	[sarge] - krb5 <no-dsa> (Documented behaviour in MIT Kerberos)
 	- netkit-telnet <not-affected> (netkit-telnet is not affected)
 CVE-2004-1639 (Mozilla Firefox before 0.10, Mozilla 5.0, and Gecko 20040913 allows ...)
 	NOTE: This is not a real security issue; it just describes the fact that the Gecko

Modified: data/DSA/list
===================================================================
--- data/DSA/list	2006-02-26 21:53:35 UTC (rev 3544)
+++ data/DSA/list	2006-02-28 14:47:47 UTC (rev 3545)
@@ -1,3 +1,16 @@
+[27 Feb 2006] DSA-983-1 pdftohtml - several
+	{CVE-2005-3191 CVE-2005-3193 CVE-2006-0301}
+	[sarge] - pdftohtml 0.36-11sarge2
+	NOTE: sid is not affected, just a revamp of previous patches
+[27 Feb 2006] DSA-982-1 gpdf - several
+	{CVE-2005-3191 CVE-2005-3193 CVE-2006-0301}
+	[sarge] - pgdf 2.8.2-1.2sarge4
+	NOTE: sid is not affected, just a revamp of previous patches
+[26 Feb 2006] DSA-981-1 bmv - integer overflow
+	{CVE-2005-3278}
+	[woody] - bmv 1.2-14.3
+	[sarge] - bmv 1.2-17sarge1
+	NOTE: fixed in testing at the time of DSA
 [22 Feb 2006] DSA-980-1 tutos - several
 	{CVE-2004-2161 CVE-2004-2162}
 	[sarge] - tutos 1.1.20031017-2+1sarge1