[Secure-testing-commits] r4280 - data/CVE

Thu Jun 22 20:57:35 UTC 2006

Author: stef-guest
Date: 2006-06-22 20:57:33 +0000 (Thu, 22 Jun 2006)
New Revision: 4280

Modified:
   data/CVE/list
Log:
some closed bugs have been missed:
CVE-2006-1329: jabberd2 fixed
CVE-2006-1058: busybox fixed
CVE-2006-1664: libxine1 issue not reproducible
CVE-2006-151[678]: mysql, mysql-dfsg-4.1 removed from unstable+testing



Modified: data/CVE/list
===================================================================

--- data/CVE/list	2006-06-22 02:27:26 UTC (rev 4279)
+++ data/CVE/list	2006-06-22 20:57:33 UTC (rev 4280)
@@ -3364,7 +3364,8 @@
 CVE-2006-1665 (Multiple cross-site scripting (XSS) vulnerabilities in Arab Portal ...)
 	NOT-FOR-US: Arab Portal
 CVE-2006-1664 (Buffer overflow in xine_list_delete_current in libxine 1.14 and ...)
-	- libxine1 <unfixed> (bug #363127; medium)
+	- libxine1 <not-affected> (not reproducible with Debian version)
+	NOTE: see bug #363127
 CVE-2006-1663
 	REJECTED
 CVE-2006-1662 (The frontpage option in Limbo CMS 1.0.4.2 and 1.0.4.1 allows remote ...)
@@ -3767,21 +3768,21 @@
 CVE-2006-1518 (Buffer overflow in the open_table function in sql_base.cc in MySQL ...)
 	{DSA-1079-1 DSA-1073-1 DSA-1071-1}
 	- mysql-dfsg-5.0 5.0.21-1 (bug #365939; medium)
-	- mysql-dfsg-4.1 <unfixed> (bug #365939; medium)
+	- mysql-dfsg-4.1 <removed> (bug #365939; medium)
 	- mysql-dfsg <removed> (bug #365939; bug #356751; medium)
-	- mysql <unfixed> (bug #365939; medium)
+	- mysql <removed> (bug #365939; medium)
 CVE-2006-1517 (sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and ...)
 	{DSA-1079-1 DSA-1073-1 DSA-1071-1}
 	- mysql-dfsg-5.0 5.0.21-1 (bug #365939; low)
-	- mysql-dfsg-4.1 <unfixed> (bug #365939; low)
+	- mysql-dfsg-4.1 <removed> (bug #365939; low)
 	- mysql-dfsg <removed> (bug #365939; bug #356751; low)
-	- mysql <unfixed> (bug #365939; low)
+	- mysql <removed> (bug #365939; low)
 CVE-2006-1516 (The check_connection function in sql_parse.cc in MySQL 4.0.x up to ...)
 	{DSA-1079-1 DSA-1073-1 DSA-1071-1}
 	- mysql-dfsg-5.0 5.0.21-1 (bug #365939; low)
-	- mysql-dfsg-4.1 <unfixed> (bug #365939; low)
+	- mysql-dfsg-4.1 <removed> (bug #365939; low)
 	- mysql-dfsg <removed> (bug #365939; bug #356751; low)
-	- mysql <unfixed> (bug #365939; low)
+	- mysql <removed> (bug #365939; low)
 CVE-2006-1515 (Buffer overflow in the addnewword function in typespeed 0.4.4 and ...)
 	{DSA-1084-1}
 	- typespeed 0.4.4-10
@@ -4215,7 +4216,7 @@
 CVE-2006-1330 (Multiple SQL injection vulnerabilities in phpWebsite 0.83 and earlier ...)
 	NOT-FOR-US: phpWebsite
 CVE-2006-1329 (The SASL negotiation in Jabber Studio jabberd before 2.0s11 allows ...)
-	- jabberd2 <unfixed> (bug #357874)
+	- jabberd2 2.0s11-1 (bug #357874)
 CVE-2006-1328 (SQL injection vulnerability in count.php in Skull-Splitter PHP ...)
 	NOT-FOR-US: Skull-Splitter PHP
 CVE-2006-1327 (SQL injection vulnerability in reg.php in SoftBB 0.1 allows remote ...)
@@ -4822,7 +4823,7 @@
 	[woody] - samba <not-affected>
 	[sarge] - samba <not-affected>
 CVE-2006-1058 (BusyBox 1.1.1 does not use a salt when generating passwords, which ...)
-	- busybox <unfixed> (low; bug #360578)
+	- busybox 1:1.1.3-1 (low; bug #360578)
 CVE-2006-1057 (Race condition in daemon/slave.c in gdm before 2.14.1 allows local ...)
 	{DSA-1040-1}
 	- gdm 2.14.4-1


