[Secure-testing-commits] r3553 - data/CVE
Moritz Muehlenhoff
jmm-guest at costa.debian.org
Fri Mar 3 14:39:24 UTC 2006
Author: jmm-guest
Date: 2006-03-03 14:39:18 +0000 (Fri, 03 Mar 2006)
New Revision: 3553
Modified:
data/CVE/list
Log:
fixed issues in amaya and gallery2
gallery2's security history is too bad to make it part of Etch, this
probably deserves a RC bug IMO
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-03-02 18:54:01 UTC (rev 3552)
+++ data/CVE/list 2006-03-03 14:39:18 UTC (rev 3553)
@@ -1,3 +1,7 @@
+CVE-2006-XXXX [the usual gallery2 XSS]
+ - gallery2 2.0.3-1
+CVE-2006-XXXX [Insecure rpath in amaya]
+ - amaya 9.4-1 (bug #341424)
CVE-2006-0937 (U.N.U. Mailgust 1.9 allows remote attackers to obtain sensitive ...)
TODO: check
CVE-2006-0936 (Free Host Shop Website Generator 3.3 allows remote authenticated users ...)
@@ -73,7 +77,7 @@
CVE-2006-0901 (Unspecified vulnerability in the hsfs filesystem in Solaris 8, 9, and ...)
TODO: check
CVE-2006-0900 (nfsd in FreeBSD 6.0 kernel allows remote attackers to cause a denial ...)
- TODO: check
+ - kfreebsd-5 5.4-15
CVE-2006-0899 (Directory traversal vulnerability in index.php in 4Images 1.7.1 and ...)
TODO: check
CVE-2006-0898 (Crypt::CBC Perl module 2.16 and earlier, when running in RandomIV ...)
More information about the Secure-testing-commits
mailing list