[Secure-testing-commits] r3198 - data/CVE

Micah Anderson micah at costa.debian.org
Sun Jan 1 21:39:38 UTC 2006 

Author: micah
Date: 2006-01-01 21:39:30 +0000 (Sun, 01 Jan 2006)
New Revision: 3198

Modified:
   data/CVE/list
Log:
Added not-affected lines for all packages in woody for CVE-2005-2096


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-01-01 21:28:50 UTC (rev 3197)
+++ data/CVE/list	2006-01-01 21:39:30 UTC (rev 3198)
@@ -4064,6 +4064,7 @@
 	- mozilla-firefox <unfixed> (bug #203034; bug #235932; low)
 CVE-2004-XXXX [Insecure temp files in amanda's chg-manual]
 	- amanda <unfixed> (bug #226139; low)
+	NOTE: Woody and Sarge affected
 CVE-2004-XXXX [Buffer overflow in wdm's login]
 	- wdm <unfixed> (bug #276218; low)
 CVE-2005-3752 (Unspecified vulnerability in ldapdiff before 1.1.1 has unknown impact ...)
@@ -7731,21 +7732,30 @@
 	NOTE: Not all of the listed packages have been checked for actual
 	NOTE: exploitability using this hole.
 	NOTE: oldstable (woody) had zlib 1.1, which is not affected
+	[woody] - dpkg <not-affected> (Woody contains zlib 1.1, which is not affected)
 	- dpkg 1.13.11 (bug #317967; medium)
 	- zsync 0.4.0-2 (bug #317968; medium)
+	[woody] - dump <not-affected> (Woody contains zlib 1.1, which is not affected)
 	- dump 0.4b40-1 (bug #317966; medium)
 	[woody] - aide <not-affected> (Woody contains zlib 1.1, which is not affected)
 	- aide 0.10-6.1.1 (bug #317523; medium)
+	[woody] - amd64-libs <not-affected> (Woody contains zlib 1.1, which is not affected)
 	- amd64-libs 1.3 (bug #317970; medium)
+	[woody] - ia32-libs <not-affected> (Woody contains zlib 1.1, which is not affected)
 	- ia32-libs <unfixed> (bug #317971; medium)
 	- dar <not-affected> (zlib not used on unstrusted input, see #317989)
+	[woody] - bacula <not-affected> (Woody contains zlib 1.1, which is not affected)
 	- bacula 1.36.3-2 (bug #318014; medium)
+	[woody] - sash <not-affected> (Woody contains zlib 1.1, which is not affected)
 	- sash 3.7-6 (bug #318246; bug #318069; medium)
+	[woody] - libphysfs <not-affected> (Woody contains zlib 1.1, which is not affected)
 	- libphysfs 1.0.0-5 (bug #318091; medium)
 	- oops <unfixed> (bug #318097; medium)
+	[woody] - rpm <not-affected> (Woody contains zlib 1.1, which is not affected)
 	- rpm 4.0.4-31.1 (bug #318099; medium)
 	- rageircd 2.0.0-3sid1 (bug #309196; medium)
 	- systemimager-ssh <unfixed> (bug #318101; unimportant)
+	[woody] - texmacs <not-affected> (Woody contains zlib 1.1, which is not affected)
 	- texmacs 1:1.0.5-3 (bug #318100; medium)
 	- zlib 1:1.2.2-7 (bug #317133; medium)
 	- pvpgn 1.7.8-2 (bug #332236; unknown)

More information about the Secure-testing-commits mailing list