[Secure-testing-commits] r3648 - in data: . CVE
Micah Anderson
micah at costa.debian.org
Mon Mar 20 13:35:42 UTC 2006
Author: micah
Date: 2006-03-20 13:35:29 +0000 (Mon, 20 Mar 2006)
New Revision: 3648
Modified:
data/CVE/list
data/ID_pending
Log:
IDs obtained for 6 issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-03-20 10:44:53 UTC (rev 3647)
+++ data/CVE/list 2006-03-20 13:35:29 UTC (rev 3648)
@@ -564,7 +564,7 @@
TODO: check
CVE-2005-4728 (Untrusted search path vulnerability (RPATH) in amaya 9.2.1 on Debian ...)
- amaya 9.4-1 (bug #341424)
-CVE-2006-XXXX [runit local privilege escalation]
+CVE-2006-1319 [runit local privilege escalation]
- runit <unfixed> (bug #356016; medium)
[sarge] - runit <not-affected>
CVE-2006-1049 (Multiple SQL injection vulnerabilities in Joomla! 1.0.7 and earlier ...)
@@ -800,13 +800,13 @@
TODO: check
CVE-2006-0938 (Cross-site scripting (XSS) vulnerability in eZ publish 3.7.3 and ...)
TODO: check
-CVE-2006-XXXX [minor bypass of rssh sanitising]
+CVE-2006-1320 [minor bypass of rssh sanitising]
- rssh 2.3.0-1.1 (bug #346322; low)
[sarge] - rssh <not-affected> (Problem has been introduced in 2.3.0)
CVE-2006-XXXX [buffer overflow in netcat example]
- netcat 1.10-31 (bug #352369; unimportant)
NOTE: Only an example, not in the binary package
-CVE-2006-XXXX [webcheck XSS]
+CVE-2006-1321 [webcheck XSS]
- webcheck 1.9.6
CVE-2006-0937 (U.N.U. Mailgust 1.9 allows remote attackers to obtain sensitive ...)
TODO: check
@@ -1079,8 +1079,6 @@
TODO: check
CVE-2004-2654 (The clientAbortBody function in client_side.c in Squid Web Proxy Cache ...)
TODO: check
-CVE-2006-XXXX [cherrypy2 information disclosure]
- - cherrypy2 2.1.1-1 (bug #353542)
CVE-2006-0811 (Cross-site scripting (XSS) vulnerability in reguser.php in Skate Board ...)
NOT-FOR-US: Skate Board
CVE-2006-0810 (Unspecified vulnerability in config.php in Skate Board 0.9 allows ...)
@@ -1241,7 +1239,7 @@
TODO: check
CVE-2005-4724 (SQL injection vulnerability in post.php in PhpTagCool 1.0.3 allows ...)
TODO: check
-CVE-2006-XXXX [sa-exim: deletion of files]
+CVE-2006-1251 [sa-exim: deletion of files]
- sa-exim <unfixed> (bug #345071)
CVE-2006-XXXX [imagemagick: array index overflow in DisplayImageCommand]
- imagemagick 6:6.2.4.5-0.6 (bug #345595)
Modified: data/ID_pending
===================================================================
--- data/ID_pending 2006-03-20 10:44:53 UTC (rev 3647)
+++ data/ID_pending 2006-03-20 13:35:29 UTC (rev 3648)
@@ -1,24 +1,7 @@
-CVE-2006-XXXX [runit local privilege escalation]
- - runit <unfixed> (bug #356016; medium)
- [sarge] - runit <not-affected>
- NOTE: Micah requested CVE March 19, 2006
-CVE-2006-XXXX [minor bypass of rssh sanitising]
- - rssh <unfixed> (bug #346322; low)
- [sarge] - rssh <not-affected> (Problem has been introduced in 2.3.0)
- NOTE: Micah requested CVE March 19, 2006
CVE-2006-XXXX [buffer overflow in netcat example]
- netcat 1.10-30 (bug #352369; unimportant)
NOTE: Only an example, not in the binary package
NOTE: Already fixed, not worth getting a CVE for?
-CVE-2006-XXXX [webcheck XSS]
- - webcheck 1.9.6
- NOTE: Micah requested CVE March 19, 2006
-CVE-2006-XXXX [cherrypy2 information disclosure]
- - cherrypy2 2.1.1-1 (bug #353542)
- NOTE: Micah requested CVE March 19, 2006
-CVE-2006-XXXX [sa-exim: deletion of files]
- - sa-exim <unfixed> (bug #345071)
- NOTE: Micah requested CVE March 19, 2006
CVE-2006-XXXX [imagemagick: array index overflow in DisplayImageCommand]
- imagemagick 6:6.2.4.5-0.6 (bug #345595)
CVE-2006-XXXX [imagemagick's display(1) deletes arbitrary files]
More information about the Secure-testing-commits
mailing list