[Secure-testing-commits] r4169 - data/CVE
Joey Hess
joeyh at costa.debian.org
Sat Jun 10 09:14:28 UTC 2006
Author: joeyh
Date: 2006-06-10 09:14:25 +0000 (Sat, 10 Jun 2006)
New Revision: 4169
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-06-10 08:52:31 UTC (rev 4168)
+++ data/CVE/list 2006-06-10 09:14:25 UTC (rev 4169)
@@ -634,6 +634,7 @@
CVE-2006-2662 (VMware Server before RC1 does not clear user credentials from memory ...)
NOT-FOR-US: VMware Server
CVE-2006-2661 (ftutil.c in Freetype before 2.2 allows remote attackers to cause a ...)
+ {DSA-1095-1}
TODO: check
CVE-2006-2660
RESERVED
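Review bot: CVE-2006-2661 now carries {DSA-1095-1}, but the line under the tag is still only "TODO: check", with no package line at all. The description names ftutil.c in Freetype before 2.2, so I would resolve the TODO in the same change by adding a freetype package line with the fixed version. Otherwise the list shows an advisory attached to an issue that has not been triaged.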
@@ -672,6 +673,7 @@
CVE-2006-XXXX ['Cache' shell injection vulnerability]
- wordpress 2.0.3-1 (high; bug #369014)
CVE-2006-2753 (SQL injection vulnerability in MySQL 4.1.x before 4.1.20 and 5.0.x ...)
+ {DSA-1092-1}
- mysql-dfsg <not-affected> (Vulnerable code was introduced in 4.1)
- mysql <not-affected> (Vulnerable code was introduced in 4.1)
- mysql-dfsg-5.0 5.0.22-1 (bug #369735; medium)
@@ -679,6 +681,7 @@
CVE-2006-2659 (libs/comverp.c in Courier MTA before 0.53.2 allows attackers to cause ...)
- courier 0.53.2-1 (bug #368834)
CVE-2006-2656 (Stack-based buffer overflow in the tiffsplit command in libtiff 3.8.2 ...)
+ {DSA-1091-1}
- tiff 3.8.2-3 (bug #369819; low)
CVE-2006-2643 (Cross-site scripting (XSS) vulnerability in index.php in Monster Top ...)
NOT-FOR-US: Monster Top List
@@ -1014,6 +1017,7 @@
NOT-FOR-US: IntelliTampe
CVE-2006-2493
REJECTED
+ {DSA-1095-1}
CVE-2005-1755 (PHP remote code injection vulnerability in poll_vote.php in PHP Poll ...)
NOT-FOR-US: PHP Poll Creator
CVE-2005-1754 (JavaMail API 1.1.3 through 1.3, as used by Apache Tomcat 5.0.16, ...)
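Review bot: the added {DSA-1095-1} lands on CVE-2006-2493, which is marked REJECTED, and it sits after the REJECTED line rather than directly under the CVE header as in the other hunks of this update. Please check whether the advisory reference belongs on an id that superseded this one, if there is one. If the tag stays here, place it before the status line for consistency.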
@@ -1119,6 +1123,7 @@
CVE-2006-2448
RESERVED
CVE-2006-2447 (SpamAssassin before 3.1.3, when running with vpopmail and the paranoid ...)
+ {DSA-1090-1}
- spamassassin 3.1.3-1 (medium)
CVE-2006-2446
RESERVED
@@ -1593,6 +1598,7 @@
CVE-2006-2231 (Multiple cross-site scripting (XSS) vulnerabilities in addguest.cgi in ...)
NOT-FOR-US: Big Webmaster Guestbook Script
CVE-2006-2230 (Multiple format string vulnerabilities in xiTK (xitk/main.c) in xine ...)
+ {DSA-1093-1}
- xine-ui <unfixed> (medium; bug #363370)
CVE-2006-2229 (OpenVPN 2.0.7 and earlier, when configured to use the --management ...)
- openvpn <unfixed> (unimportant)
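Review bot: CVE-2006-2230 gains {DSA-1093-1} while its only package line still reads "- xine-ui <unfixed> (medium; bug #363370)". If that is intentional because the advisory does not cover the unversioned entry, a short NOTE: line saying so would keep the unfixed status next to an advisory from being read as an oversight. Otherwise the line needs a fixed version.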
@@ -1685,6 +1691,7 @@
CVE-2006-2194
RESERVED
CVE-2006-2193 (Buffer overflow in the t2p_write_pdf_string function in tiff2pdf in libtiff ...)
+ {DSA-1091-1}
- tiff 3.8.2-4 (bug #371064; medium)
CVE-2006-2191
RESERVED
@@ -2458,6 +2465,7 @@
CVE-2006-1862 (The virtual memory implementation in Linux kernel 2.6.x allows local ...)
TODO: check
CVE-2006-1861 (Multiple integer overflows in FreeType before 2.2 allow remote ...)
+ {DSA-1095-1}
- freetype 2.2.1-1
CVE-2006-1860 (lease_init in fs/locks.c in Linux kernel before 2.6.16.16 allows ...)
- linux-2.6 2.6.16-14
@@ -5167,6 +5175,7 @@
[sarge] - mozilla-thunderbird 1.0.2-2.sarge1.0.8 (high)
- xulrunner 1.8.0.1-9
CVE-2006-0747 (integer underflow in Freetype before 2.2 allows remote attackers to ...)
+ {DSA-1095-1}
TODO: check
CVE-2006-0746 (Certain patches for kpdf do not include all relevant patches from xpdf ...)
{DSA-1008-1}
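Review bot: on CVE-2006-0747 the {DSA-1095-1} tag is attached to an entry that still reads "TODO: check" and has no package line, although the description places the integer underflow in Freetype before 2.2. Replace the TODO with a freetype package line and fixed version so the advisory reference points at a triaged entry.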