[Secure-testing-commits] r4441 - data/CVE

Moritz Muehlenhoff jmm-guest at costa.debian.org
Fri Jul 21 15:57:20 UTC 2006 

Author: jmm-guest
Date: 2006-07-21 15:57:18 +0000 (Fri, 21 Jul 2006)
New Revision: 4441

Modified:
   data/CVE/list
Log:
two no-dsa, removed some sarge entries already present in DSA/list


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-07-21 14:31:02 UTC (rev 4440)
+++ data/CVE/list	2006-07-21 15:57:18 UTC (rev 4441)
@@ -147,6 +147,7 @@
 	NOT-FOR-US: AjaxPortal
 CVE-2006-3665 (SquirrelMail 1.4.6 and earlier, with register_globals enabled, allows ...)
 	- squirrelmail 2:1.4.7-1 (low)
+	[sarge] - squirrelmail <no-dsa> (Operation with registers_globals not supported)
 CVE-2006-3664 (Unspecified vulnerability in NIS server on Sun Solaris 8, 9, and 10 ...)
 	NOT-FOR-US: Sun Solaris
 CVE-2006-3663 (Finjan Appliance 5100/8100 NG 8.3.5 stores passwords in plaintext in a ...)
@@ -12513,13 +12514,12 @@
 	NOT-FOR-US: HP-UX
 CVE-2005-XXXX [adduser's deluser creates backup files with world readable permissions]
 	- adduser 3.77 (bug #331720; low)
-	NOTE: Woody and Sarge affected
+	[sarge] - adduser <no-dsa> (Very minimal security ramifications, admin's reponsibility)
 CVE-2005-XXXX [Pavuk Digest Authentication Buffer Overflow]
 	- pavuk 0.9.33-1 (bug #264684; high)
 	NOTE: second hole mentioned in bug report
 CVE-2005-3751 (HTTP request smuggling vulnerability in Pound before 1.9.4 allows ...)
 	{DSA-934-1}
-	[sarge] - pound 1.8.2-1sarge1
 	- pound 1.9.4-1 (low)
 	NOTE: see http://www.apsis.ch/pound/pound_list/archive/2005/2005-10/1129827166000/index_html?fullMode=1#1129827166000
 CVE-2005-3276 (The sys_get_thread_area function in process.c in Linux 2.6 before ...)
@@ -12533,8 +12533,6 @@
 CVE-2005-3274 (Race condition in ip_vs_conn_flush in Linux 2.6 before 2.6.13 and 2.4 ...)
 	{DSA-922-1}
 	- linux-2.6 2.6.13-1 (low)
-	TODO: Check, whether the 2.4 fix was included in the DSA
-	[sarge] - kernel-source-2.4.27 2.4.27-10sarge1 (low)
 CVE-2005-3273 (The rose_rt_ioctl function in rose_route.c for Radionet Open Source ...)
 	{DSA-922-1}
 	- linux-2.6 2.6.12-1

More information about the Secure-testing-commits mailing list