[Secure-testing-commits] r3630 - data/CVE
Moritz Muehlenhoff
jmm-guest at costa.debian.org
Thu Mar 16 16:36:11 UTC 2006
Author: jmm-guest
Date: 2006-03-16 16:36:06 +0000 (Thu, 16 Mar 2006)
New Revision: 3630
Modified:
data/CVE/list
Log:
unzip issue is a non-issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-03-16 16:23:20 UTC (rev 3629)
+++ data/CVE/list 2006-03-16 16:36:06 UTC (rev 3630)
@@ -1921,7 +1921,8 @@
CVE-2006-0419 (BEA WebLogic Server and WebLogic Express 9.0, 8.1 through SP5, and 7.0 ...)
NOT-FOR-US: BEA WebLogic
CVE-2005-4667 (Buffer overflow in UnZip 5.50 and earlier allows user-complicit ...)
- - unzip 5.52-7 (low; bug #349794)
+ - unzip 5.52-7 (unimportant; bug #349794)
+ NOTE: Overflow can only be triggered, not setuid
CVE-2006-0418 (Eval injection vulnerability in 123 Flash Chat Server 5.0 and 5.1 ...)
NOT-FOR-US: 123 Flash Chat Server
CVE-2006-0417 (SQL injection vulnerability in login.php in miniBloggie 1.0 and ...)
More information about the Secure-testing-commits
mailing list