[Secure-testing-commits] r3331 - data/CVE
Joey Hess
joeyh at costa.debian.org
Fri Jan 20 21:14:27 UTC 2006
Author: joeyh
Date: 2006-01-20 21:14:21 +0000 (Fri, 20 Jan 2006)
New Revision: 3331
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-01-20 20:37:19 UTC (rev 3330)
+++ data/CVE/list 2006-01-20 21:14:21 UTC (rev 3331)
@@ -406,6 +406,7 @@
CVE-2006-0152 (Cross-site scripting (XSS) in search_result.php in phpChamber 1.2 and ...)
NOT-FOR-US: phpChamber
CVE-2006-0151 (sudo 1.6.8 and other versions does not clear the PYTHONINSPECT ...)
+ {DSA-946-1}
- sudo <unfixed>
NOTE: The whole black list approach is flawed, for the DSA we'll switch to
NOTE: a white list approach of known to be safe env vars.
@@ -451,6 +452,7 @@
CVE-2004-2653 (Unspecified vulnerability in PD9 Software MegaBBS 2.0 and 2.1 allows ...)
NOT-FOR-US: PD9 Software MegaBBS
CVE-2006-0162 (Heap-based buffer overflow in libclamav/upx.c in Clam Antivirus ...)
+ {DSA-947-1}
- clamav 0.88-1
NOTE: Sarge is affected
CVE-2006-0138 (aMSN (aka Alvaro's Messenger) allows remote attackers to cause a ...)
@@ -1043,6 +1045,7 @@
- linux-2.6 <unfixed>
CVE-2006-0019 [kjs heap overflow]
RESERVED
+ {DSA-948-1}
- kdelibs <unfixed> (medium)
CVE-2005-4474 (Buffer overflow in the "Add to archive" command in WinRAR 3.51 allows ...)
NOT-FOR-US: WinRAR
@@ -1718,6 +1721,7 @@
CVE-2005-4159 (** DISPUTED ** ...)
NOT-FOR-US: Simple Machines Forum
CVE-2005-4158 (Sudo before 1.6.8 p12, when the Perl taint flag is off, does not clear ...)
+ {DSA-946-1}
- sudo <unfixed> (bug #342948; medium)
CVE-2005-4157 (Unspecified vulnerability in Kerio WinRoute Firewall before 6.1.3 ...)
NOT-FOR-US: Kerio Firewall
More information about the Secure-testing-commits
mailing list