[Secure-testing-commits] r3581 - data/CVE
Moritz Muehlenhoff
jmm-guest at costa.debian.org
Fri Mar 10 17:54:09 UTC 2006
Author: jmm-guest
Date: 2006-03-10 17:54:01 +0000 (Fri, 10 Mar 2006)
New Revision: 3581
Modified:
data/CVE/list
Log:
removed duplicated libjpeg tmp file issue
older webmin issue resolved by perl fix
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-03-10 12:19:18 UTC (rev 3580)
+++ data/CVE/list 2006-03-10 17:54:01 UTC (rev 3581)
@@ -2940,7 +2940,7 @@
[woody] - bugzilla <unfixed> (low)
[sarge] - bugzilla <unfixed> (low)
CVE-2005-XXXX [Insecure tempfile in libjpeg6b's exifautotran]
- - libjpeg6b 6b-11
+ - libjpeg6b 6b-11 (bug #340079; low)
[woody] - libjpeg6b <not-affected> (Does not include exifautotran)
CVE-2006-0043 (Buffer overflow in the realpath function in nfs-server rpc.mountd, as ...)
{DSA-975-1}
@@ -4286,8 +4286,8 @@
CVE-2005-3913 (Unspecified vulnerability in the domain alias management in Virtual ...)
NOT-FOR-US: Virtual Hosting Control System
CVE-2005-3912 (Format string vulnerability in miniserv.pl Perl web server in Webmin ...)
- [sarge] - webmin 1.180-3sarge0 (bug #341394; medium)
- NOTE: Later versions not affected, as the use proper format string passing
+ - perl 5.8.7-9 (bug #341542; medium)
+ NOTE: No longer exploitable with fixed Perl, thus no dedicated Webmin updated
CVE-2005-3911 (Multiple SQL injection vulnerabilities in calendar.php in BosDates 4.0 ...)
NOT-FOR-US: BosDates
CVE-2005-3910 (merchants/index.php in Post Affiliate Pro 2.0.4 and earlier, with ...)
@@ -4933,8 +4933,6 @@
NOTE: Sarge and Woody are affected
CVE-2005-XXXX [unsafe file permissions in vpnc]
- vpnc <unfixed> (bug #340105; medium)
-CVE-2005-XXXX [Insecure tempfiles in libjpeg]
- - libjpeg6b 6b-11 (bug #340079; low)
CVE-2006-0017
RESERVED
CVE-2006-0016
More information about the Secure-testing-commits
mailing list