[Secure-testing-commits] r3605 - in data: CVE DSA

Moritz Muehlenhoff jmm-guest at costa.debian.org
Mon Mar 13 11:29:03 UTC 2006


Author: jmm-guest
Date: 2006-03-13 11:28:56 +0000 (Mon, 13 Mar 2006)
New Revision: 3605

Modified:
   data/CVE/list
   data/DSA/list
Log:
three new issues
new DSA


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-03-13 09:14:19 UTC (rev 3604)
+++ data/CVE/list	2006-03-13 11:28:56 UTC (rev 3605)
@@ -1,4 +1,10 @@
-CVE-2006-1166
+CVE-2006-XXXX [gallery2: local file inclusion]
+	- gallery2 2.0.4-1
+CVE-2006-XXXX [Unspecified security problem in Peercast]
+	- peercast 0.1217-1
+CVE-2006-XXXX [Directory traversal issue in Namazu2]
+	- namazu2 2.0.16-1
+CVE-2006-1166 [Lua code execution in Monotone]
 	- monotone <unfixed> (low)
 	NOTE: Needs a case-insensitive file system (e.g. VFAT or Samba) on
 	NOTE: the client.
@@ -499,7 +505,7 @@
 CVE-2006-0899 (Directory traversal vulnerability in index.php in 4Images 1.7.1 and ...)
 	TODO: check
 CVE-2006-0898 (Crypt::CBC Perl module 2.16 and earlier, when running in RandomIV ...)
-	TODO: check
+	- libcrypt-cbc-perl 2.17-1
 CVE-2006-0897 (SQL injection vulnerability in Virtual Program Management Intranet ...)
 	TODO: check
 CVE-2006-0896 (Cross-site scripting (XSS) vulnerability in Sources/Register.php in ...)

Modified: data/DSA/list
===================================================================
--- data/DSA/list	2006-03-13 09:14:19 UTC (rev 3604)
+++ data/DSA/list	2006-03-13 11:28:56 UTC (rev 3605)
@@ -1,3 +1,7 @@
+[13 Mar 2006] DSA-996-1 libcrypt-cbc-perl - programming error
+	{CVE-2006-0898}
+	[sarge] - libcrypt-cbc-perl 2.12-1sarge1
+	NOTE: fixed in testing at the time of DSA
 [13 Mar 2006] DSA-995-1 metamail - buffer overflow
 	{CVE-2006-0709}
 	[woody] - metamail 2.7-45woody.4




More information about the Secure-testing-commits mailing list