[Secure-testing-commits] r3392 - in data: CVE DSA

[Moritz Muehlenhoff]

Author: jmm-guest
Date: 2006-01-31 10:05:53 +0000 (Tue, 31 Jan 2006)
New Revision: 3392

Modified:
   data/CVE/list
   data/DSA/list
Log:
unalz DSA
update on imagemagick DSA


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-01-30 21:14:23 UTC (rev 3391)
+++ data/CVE/list	2006-01-31 10:05:53 UTC (rev 3392)
@@ -1083,7 +1083,7 @@
 CVE-2005-XXXX [snort: DoS in verbose mode]
 	- snort 2.3.3-2 (bug #328134; low)
 CVE-2005-4601 (The delegate code in ImageMagick 6.2.4.5-0.3 allows remote attackers ...)
-	{DSA-957-1}
+	{DSA-957-2}
 	- imagemagick 6:6.2.4.5-0.6 (bug #345238; medium)
 	NOTE: Exploitable through Gnus and Thunderbird.
 CVE-2006-0053

Modified: data/DSA/list
===================================================================
--- data/DSA/list	2006-01-30 21:14:23 UTC (rev 3391)
+++ data/DSA/list	2006-01-31 10:05:53 UTC (rev 3392)
@@ -1,3 +1,7 @@
+[30 Jan 2006] DSA-959-1 unalz - buffer overflow
+        {CVE-2005-3862}
+        [sarge] - unalz 0.30.1
+	NOTE: not fixed in testing at time of DSA (unfixed in sid)
 [27 Jan 2006] DSA-958-1 drupal - several
         {CVE-2005-3973 CVE-2005-3974 CVE-2005-3975}
         [sarge] - drupal 4.5.3-5
@@ -2,6 +6,6 @@
 	NOTE: fixed in testing at time of DSA 
-[26 Jan 2006] DSA-957-1 imagemagick - missing shell meta sanitising
+[26 Jan 2006] DSA-957-2 imagemagick - missing shell meta sanitising
         {CVE-2005-4601}
-        [woody] - imagemagick 4:5.4.4.5-1woody7
-        [sarge] - imagemagick 6:6.0.6.2-2.5
+        [woody] - imagemagick 4:5.4.4.5-1woody8
+        [sarge] - imagemagick 6:6.0.6.2-2.6
 	NOTE: fixed in testing at time of DSA