[Secure-testing-commits] r3646 - in data: CVE DSA

Moritz Muehlenhoff jmm-guest at costa.debian.org
Mon Mar 20 10:35:32 UTC 2006 

Author: jmm-guest
Date: 2006-03-20 10:35:22 +0000 (Mon, 20 Mar 2006)
New Revision: 3646

Modified:
   data/CVE/list
   data/DSA/list
Log:
new curl issue
new crossfire DSA
update on libmail-audit-perl DSA


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-03-20 09:14:23 UTC (rev 3645)
+++ data/CVE/list	2006-03-20 10:35:22 UTC (rev 3646)
@@ -535,8 +535,11 @@
 CVE-2006-1062 (Unspecified vulnerability in lurker.cgi for Lurker 2.0 and earlier ...)
 	{DSA-999-1}
 	- lurker 2.1-1
-CVE-2006-1061
+CVE-2006-1061 [curl tftp buffer overflow]
 	RESERVED
+	- curl <unfixed> 
+	[woody] - curl <not-affected>
+	[sarge] - curl <not-affected>
 CVE-2006-1060
 	RESERVED
 CVE-2006-1059
@@ -3212,7 +3215,7 @@
 CVE-2005-4537
 	RESERVED
 CVE-2005-4536 (Mail::Audit module in libmail-audit-perl 2.1-5, when logging is ...)
-	{DSA-960-2 DSA-960-1}
+	{DSA-960-3}
 	- libmail-audit-perl 2.1-5.1 (bug #344029; medium)
 CVE-2005-4535
 	RESERVED

Modified: data/DSA/list
===================================================================
--- data/DSA/list	2006-03-20 09:14:23 UTC (rev 3645)
+++ data/DSA/list	2006-03-20 10:35:22 UTC (rev 3646)
@@ -1,3 +1,8 @@
+[21 Mar 2006] DSA-1009-1 crossfire - buffer overflow
+	{CVE-2006-1236}
+	[woody] - crossfire 1.1.0-1woody2
+	[sarge] - crossfire 1.6.0.dfsg.1-4sarge2
+	NOTE: fixed in testing at the time of DSA
 [17 Mar 2006] DSA-1008-1 kpdf - buffer overflow
 	{CVE-2006-0746}
 	[sarge] - 3.3.2-2sarge4
@@ -208,15 +213,11 @@
 	{CVE-2005-3191 CVE-2005-3192 CVE-2005-3193 CVE-2005-3624 CVE-2005-3625 CVE-2005-3626 CVE-2005-3627 CVE-2005-3628}
 	[sarge] - pdfkit.framework 0.8-2sarge1
 	NOTE: not fixed in testing at time of DSA (unfixed in sid)
-[31 Jan 2006] DSA-960-2 libmail-audit-perl - insecure temporary file creation
+[31 Jan 2006] DSA-960-3 libmail-audit-perl - insecure temporary file creation
 	{CVE-2005-4536}
-	[sarge] - libmail-audit-perl 2.1-5sarge2
-	NOTE: This update only corrects the update for sarge, the version in woody is correct.
-[31 Jan 2006] DSA-960-1 libmail-audit-perl - insecure temporary file creation
-        {CVE-2005-4536}
-        [woody] - libmail-audit-perl 2.0-4woody1
-        [sarge] - libmail-audit-perl 2.1-5sarge1
-	NOTE: not fixed in testing at time of DSA (unfixed in sid)
+	[woody] - libmail-audit-perl 2.0-4woody3
+	[sarge] - libmail-audit-perl 2.1-5sarge4
+	NOTE: 960-1 and 960-2 had regressions
 [30 Jan 2006] DSA-959-1 unalz - buffer overflow
         {CVE-2005-3862}
         [sarge] - unalz 0.30.1

More information about the Secure-testing-commits mailing list