[Secure-testing-commits] r3668 - data/CVE

Moritz Muehlenhoff jmm-guest at costa.debian.org
Thu Mar 23 10:24:40 UTC 2006 

Author: jmm-guest
Date: 2006-03-23 10:24:34 +0000 (Thu, 23 Mar 2006)
New Revision: 3668

Modified:
   data/CVE/list
Log:
mark three flash issues as no-dsa
readjust older icecast issues upstream has evaluated as non-issues


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-03-23 09:49:37 UTC (rev 3667)
+++ data/CVE/list	2006-03-23 10:24:34 UTC (rev 3668)
@@ -4668,6 +4668,7 @@
 	RESERVED
 CVE-2006-0024 (Multiple unspecified vulnerabilities in Adobe Flash Player 8.0.22.0 ...)
 	- flashplugin-nonfree 7.0.61-4 (bug #357038; bug #357105)
+	[sarge] - flashplugin-nonfree <no-dsa> (Only affects proprietary Flash plugin)
 CVE-2006-0023 (Microsoft Windows XP SP1 and SP2 before August 2004, and possibly ...)
 	NOT-FOR-US: Microsoft
 CVE-2006-0022
@@ -5685,6 +5686,7 @@
 	NOT-FOR-US: CuteNews
 CVE-2005-3591 (Macromedia Flash plugin (1) Flash.ocx 7.0.19.0 (Windows) and earlier ...)
 	- flashplugin-nonfree 7.0.61-1 (bug #339290; high)
+	[sarge] - flashplugin-nonfree <no-dsa> (Only affects proprietary Flash plugin)
 CVE-2005-3589 (Buffer overflow in FileZilla Server Terminal 0.9.4d may allow remote ...)
 	NOT-FOR-US: FileZilla
 CVE-2005-3588 (SQL injection vulnerability in admin.php in Advanced Guestbook 2.2 ...)
@@ -8597,6 +8599,7 @@
 	- helix-player 1.0.6-1 (bug #340270; medium)
 CVE-2005-2628 (Macromedia Flash 6 and 7 (Flash.ocx) allows remote attackers to ...)
 	- flashplugin-nonfree 7.0.61-1.1 (bug #339290; high)
+	[sarge] - flashplugin-nonfree <no-dsa> (Only affects proprietary Flash plugin)
 CVE-2005-2627 (Multiple integer underflows in Kismet before 2005-08-R1 allow remote ...)
 	{DSA-788-1 DTSA-1-1}
 	- kismet 2005.08.R1-1 (bug #323386; high)
@@ -15847,9 +15850,11 @@
 	- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.11)
 	[sarge] - kernel-source-2.6.8 2.6.8-16
 CVE-2005-0838 (Multiple buffer overflows in the XSL parser for IceCast 2.20 may allow ...)
-	- icecast2 <unfixed> (bug #301368; low)
+	- icecast2 <unfixed> (bug #301368; unimportant)
+	NOTE: According to upstream a non-issue
 CVE-2005-0837 (IceCast 2.20 allows remote attackers to bypass the XSL parser and ...)
-	- icecast2 <unfixed> (bug #301368; low)
+	- icecast2 <unfixed> (bug #301368; unimportant)
+	NOTE: According to upstream a non-issue
 CVE-2005-0836 (Argument injection vulnerability in Java Web Start for J2SE 1.4.2 up ...)
 	NOT-FOR-US: Java Web Start for proprietary Sun Java
 CVE-2005-0835 (The SNMP service in the Belkin 54G (F5D7130) wireless router allows ...)

More information about the Secure-testing-commits mailing list