[Secure-testing-commits] r4438 - data/CVE

Alec Berryman alec-guest at costa.debian.org
Fri Jul 21 02:10:25 UTC 2006


Author: alec-guest
Date: 2006-07-21 02:10:23 +0000 (Fri, 21 Jul 2006)
New Revision: 4438

Modified:
   data/CVE/list
Log:
* CVE-2006-3597 (passwd): Ubuntu-specific, fixes mistake in installation
* CVE-2006-3668 (libdumb): bug number


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-07-21 02:06:32 UTC (rev 4437)
+++ data/CVE/list	2006-07-21 02:10:23 UTC (rev 4438)
@@ -140,7 +140,7 @@
 CVE-2006-3669 (Mercury Messenger, possibly 1.7.1.1 and other versions, when running ...)
 	NOT-FOR-US: Mercury Messenger
 CVE-2006-3668 (Heap-based buffer overflow in the it_read_envelope function in Dynamic ...)
-	- libdumb <unfixed> (bug filed; medium)
+	- libdumb <unfixed> (bug #379064; medium)
 CVE-2006-3667 (Unspecified vulnerability in Sybase/Financial Fusion Consumer Banking ...)
 	NOT-FOR-US: Sybase/Financial Fusion Consumer Banking Suite
 CVE-2006-3666 (SQL injection vulnerability in AjaxPortal 3.0, with magic_quotes_gpc ...)
@@ -281,7 +281,7 @@
 CVE-2006-3598 (SQL injection vulnerability in the Sections module for PHP-Nuke allows ...)
 	NOT-FOR-US: Sections module for PHP-Nuke 
 CVE-2006-3597 (passwd before 1:4.0.13 on Ubuntu 6.06 LTS leaves the root password ...)
-	TODO: check
+	- shadow <not-affected> (fix for a mistake in the Ubuntu installer)
 CVE-2006-3596 (The device driver for Intel-based gigabit network adapters in Cisco ...)
 	NOT-FOR-US: Cisco
 CVE-2006-3595 (The default configuration of IOS HTTP server in Cisco Router Web Setup ...)




More information about the Secure-testing-commits mailing list