[Secure-testing-commits] r3266 - data/CVE
Moritz Muehlenhoff
jmm-guest at costa.debian.org
Wed Jan 11 10:14:25 UTC 2006
Author: jmm-guest
Date: 2006-01-11 10:14:18 +0000 (Wed, 11 Jan 2006)
New Revision: 3266
Modified:
data/CVE/list
Log:
xmame buffer overflows
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-01-11 09:56:20 UTC (rev 3265)
+++ data/CVE/list 2006-01-11 10:14:18 UTC (rev 3266)
@@ -1,3 +1,9 @@
+CVE-2006-XXXX [xmame buffer overflows]
+ - xmame <unfixed>
+ NOTE: Only xmame-svgalib is vulnerable, the xmame-x package has a debconf
+ NOTE: question, that makes it very clear that setuid root is only for single-user
+ NOTE: systems and xmame-sdl and xmess aren't setuid at all
+ [sarge] - xmame <no-dsa> (XMame is non-free software)
CVE-2006-0160 (SQL injection vulnerability in add_post.php3 in Venom Board 1.22 ...)
TODO: check
CVE-2006-0159 (SQL injection vulnerability in escribir.php in Foro Domus 2.10 allows ...)
More information about the Secure-testing-commits
mailing list