[Secure-testing-commits] r3237 - data/CVE
Micah Anderson
micah at costa.debian.org
Fri Jan 6 01:25:32 UTC 2006
Author: micah
Date: 2006-01-06 01:25:27 +0000 (Fri, 06 Jan 2006)
New Revision: 3237
Modified:
data/CVE/list
Log:
vserver updates
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-01-06 00:04:59 UTC (rev 3236)
+++ data/CVE/list 2006-01-06 01:25:27 UTC (rev 3237)
@@ -682,7 +682,10 @@
CVE-2005-4347 [Improper barrier code allows for chroot escape]
RESERVED
- util-vserver 0.30.208-1
+ - kernel-patch-vserver 2.3 (bug #329087; medium)
+ [sarge] - kernel-patch-vserver 1.9.5.4 (bug #329087; medium)
[sarge] - util-vserver 0.30.204-5sarge3 (bug #329090; medium)
+ NOTE: both util-vserver and the kernel-patch-vserver need to be upgraded to fix this vulnerability
CVE-2005-4346 (SQL injection vulnerability in index.php in phpBB Blog 2.2.2 and ...)
NOT-FOR-US: phpBB Blog
TODO: Double-check please, this doesn't seem to be included in stock phpbb
@@ -4449,9 +4452,6 @@
CVE-2005-XXXX [imview: Possible buffer overflow with FITS images]
- imview <unfixed> (bug #326971; unknown)
TODO: Needs further evaluation
-CVE-2005-XXXX [ Chroot escape in vserver kernel patch]
- - kernel-patch-vserver 2.3 (bug #329087; medium)
- [sarge] - kernel-patch-vserver 1.9.5.4 (bug #329087; medium)
CVE-2005-3753 (Linux kernel before after 2.6.12 and before 2.6.13.1 might allow ...)
- linux-2.6 2.6.12-7 (low)
CVE-2005-3043 (SQL injection vulnerability in AddItem.asp in Mall23 eCommerce allows ...)
More information about the Secure-testing-commits
mailing list