[Secure-testing-commits] r3670 - data/CVE
Moritz Muehlenhoff
jmm-guest at costa.debian.org
Thu Mar 23 13:31:09 UTC 2006
Author: jmm-guest
Date: 2006-03-23 13:30:38 +0000 (Thu, 23 Mar 2006)
New Revision: 3670
Modified:
data/CVE/list
Log:
remove 2.4.27 entries, will be added through 2.4.27 DSA
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-03-23 13:12:18 UTC (rev 3669)
+++ data/CVE/list 2006-03-23 13:30:38 UTC (rev 3670)
@@ -4642,7 +4642,6 @@
- kernel-patch-ctx 1:1.29-1
CVE-2004-2607 (A numeric casting discrepancy in sdla_xfer in Linux kernel 2.6.x up to ...)
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.6)
- - kernel-source-2.4.27 2.4.27-8
CVE-2005-3962 (Integer overflow in the format string functionality (Perl_sv_vcatpvfn) ...)
{DSA-943-1}
- perl 5.8.7-9 (bug #341542; medium)
@@ -4992,10 +4991,8 @@
NOT-FOR-US: AMAX Magic Winmail Server
CVE-2005-3806 (The IPv6 flow label handling code (ip6_flowlabel.c) in Linux kernels ...)
- linux-2.6 2.6.14-1 (medium)
- - kernel-source-2.4.27 <unfixed> (medium)
CVE-2005-3805 (A locking problem in POSIX timer cleanup handling on exit in Linux ...)
- linux-2.6 <unfixed> (medium)
- - kernel-source-2.4.27 <unfixed> (medium)
CVE-2005-3804 (Cisco IP Phone (VoIP) 7920 1.0(8) listens to UDP port 17185 to support ...)
NOT-FOR-US: Cisco hardware
CVE-2005-3803 (Cisco IP Phone (VoIP) 7920 1.0(8) contains certain hard-coded ...)
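Review bot: The two lines removed under CVE-2005-3806 and CVE-2005-3805 are `<unfixed>` markers, so after this change the list no longer records kernel-source-2.4.27 as open for either issue until the DSA entry is added. Consider keeping the `<unfixed>` lines until the DSA is actually issued, or leaving a NOTE/TODO under each CVE that points at the pending 2.4.27 DSA so the gap is visible to anyone reading the list in the meantime.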
@@ -5044,7 +5041,6 @@
- kernel-source-2.4.27 <unfixed> (medium)
CVE-2005-3783 (The ptrace functionality (ptrace.c) in Linux kernel 2.6 before ...)
- linux-2.6 2.6.14-3 (medium)
- - kernel-source-2.4.27 <unfixed> (medium)
CVE-2005-3782
RESERVED
CVE-2004-2606 (The Web interface in Linksys WRT54G 2.02.7 and BEFSR41 version 3, with ...)
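Review bot: The first context line of this hunk, `- kernel-source-2.4.27 <unfixed> (medium)`, is a 2.4.27 entry that stays in the file, while the identical line under CVE-2005-3783 two lines below is removed. If "remove 2.4.27 entries" in the log is meant to cover all of them, this one looks missed; if it is kept on purpose, the log message should say which 2.4.27 entries are excluded and why.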
@@ -5119,7 +5115,6 @@
- phpgroupware 0.9.14.007
CVE-2005-3848 (Memory leak in the icmp_push_reply function in Linux 2.6 before ...)
- linux-2.6 2.6.13-1
- - kernel-source-2.4.27 2.4.27-12 (bug #351645)
CVE-2005-3847 (The handle_stop_signal function in signal.c in Linux kernel 2.6.11 up ...)
- linux-2.6 2.6.13-1
CVE-2005-3849 (Cross-site scripting (XSS) vulnerability in the Search module in ...)
@@ -6196,10 +6191,8 @@
- linux-ftpd-ssl 0.17.18+0.3-5 (bug #339074; high)
CVE-2005-3807 (Memory leak in the VFS file lease handling in locks.c in Linux kernels ...)
- linux-2.6 2.6.14-4
- - kernel-source-2.4.27 <not-affected>
CVE-2005-3857 (The time_out_leases function in locks.c for Linux kernel before ...)
- linux-2.6 2.6.14-4 (low)
- - kernel-source-2.4.27 2.4.27-13 (low)
CVE-2005-XXXX [user logout in drupal has no effect]
[sarge] - drupal <not-affected> (bug was introduced after 4.5.3)
- drupal 4.5.5-3 (bug #336719; medium)
@@ -6966,7 +6959,6 @@
NOT-FOR-US: Solaris
CVE-2005-3257 (The VT implementation (vt_ioctl.c) in Linux kernel 2.6.12, and ...)
- linux-2.6 2.6.14-4 (bug #334113; medium)
- - kernel-source-2.4.27 <unfixed> (medium)
CVE-2005-3237 (Cross-site scripting (XSS) vulnerability in Cyphor 0.19 allows remote ...)
NOT-FOR-US: Cyphor
CVE-2005-3236 (Multiple SQL injection vulnerabilities in Cyphor 0.19 allow remote ...)
@@ -7735,8 +7727,6 @@
- libungif4 4.1.3-4 (bug #337972; medium)
CVE-2005-2973 (The udp_v6_get_port function in udp.c in Linux 2.6 before 2.6.14-rc5, ...)
- linux-2.6 2.6.13+2.6.14-rc4-0experimental.1 (low)
- - kernel-source-2.4.27 2.4.27-12
- [sarge] - kernel-source-2.4.27 2.4.27-10sarge2
CVE-2005-2972 (Multiple stack-based buffer overflows in the RTF import feature in ...)
{DSA-894-1}
- abiword 2.4.1-1 (bug #333740; medium)
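Review bot: Under CVE-2005-2973 the removed `[sarge] - kernel-source-2.4.27 2.4.27-10sarge2` line records a fixed version for sarge, and the entry carries no {DSA-...} tag that would hold that information instead. Dropping it together with the unstable line leaves only the linux-2.6 status for this CVE; suggest keeping the `[sarge]` line until the DSA reference is in place, since it describes a fix version that is already named here.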
@@ -8945,7 +8935,6 @@
CVE-2005-2555 (Linux kernel 2.6.x does not properly restrict socket policy access to ...)
{DTSA-16-1}
- linux-2.6 2.6.12-6 (medium)
- - kernel-source-2.4.27 2.4.27-12 (medium)
CVE-2004-2388 (rexecd for AIX 4.3.3 does not properly use a local copy of the pwd ...)
NOT-FOR-US: rexecd
CVE-2004-2387 (Buffer overflow in the HandleCPCCommand function of sercd before 2.3.1 ...)
@@ -9522,8 +9511,6 @@
CVE-2005-2457 (The driver for compressed ISO file systems (zisofs) in the Linux ...)
{DTSA-16-1}
- linux-2.6 2.6.12-3 (medium)
- - kernel-source-2.4.27 2.4.27-12 (medium)
- [sarge] - kernel-source-2.4.27 2.4.27-10sarge2 (medium)
CVE-2005-2456 (Array index overflow in the xfrm_sk_policy_insert function in ...)
{DSA-922-1 DSA-921-1 DTSA-16-1}
- linux-2.6 2.6.12-2 (bug #321401; medium)
@@ -12589,7 +12576,6 @@
CVE-2005-1761 (Linux kernel 2.6 and 2.4 on the IA64 architecture allows local users ...)
{DSA-922-1 DTSA-16-1}
- linux-2.6 2.6.12-1 (medium)
- - kernel-source-2.4.27 <unfixed> (low)
CVE-2005-1760 (sysreport 1.3.15 and earlier includes contents of the up2date file in ...)
NOT-FOR-US: sysreport
CVE-2005-1759 (Race condition in shtool 2.0.1 and earlier allows local users to ...)
@@ -17477,7 +17463,6 @@
NOT-FOR-US: Sami HTTP Server
CVE-2005-0449 (The netfilter/iptables module in Linux before 2.6.8.1 allows remote ...)
- linux-2.6 <not-affected> (Vulnerable code was removed betwen 2.6.11 and 2.6.12)
- - kernel-source-2.4.27 <not-affected> (Per Herbet Xu: http://oss.sgi.com/archives/netdev/2005-01/msg01107.html)
CVE-2005-0448 (Race condition in the rmtree function in File::Path.pm in Perl before ...)
{DSA-696-1}
- perl 5.8.4-7
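Review bot: The line removed under CVE-2005-0449 is a `<not-affected>` marker together with its justification (the reference to the netdev archive message), and it is not clear how a DSA entry would bring that back, since the log only says the entries "will be added through 2.4.27 DSA". The same question applies to the `<not-affected>` line removed under CVE-2005-3807 earlier in this patch. Suggest keeping `<not-affected>` lines, or at least preserving the reference as a NOTE so the reasoning is not lost.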
@@ -20079,7 +20064,6 @@
NOTE: package was fixed.
CVE-2004-0887 (SUSE Linux Enterprise Server 9 on the S/390 platform does not properly ...)
- linux-2.6 <not-affected> (Fixed before upload into archive)
- TODO: Check, when this was fixed
- kernel-source-2.6.8 2.6.8-10
CVE-2004-0886 (Multiple integer overflows in libtiff 3.6.1 and earlier allow remote ...)
{DSA-567-1}
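Review bot: The only line removed in this hunk is `TODO: Check, when this was fixed` under CVE-2004-0887, which is not a 2.4.27 entry and is not mentioned in the log message. If the TODO has been resolved, the linux-2.6 `<not-affected>` note could state the result; otherwise this removal belongs in a separate commit with its own log line rather than inside the 2.4.27 cleanup.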