[Secure-testing-commits] r3909 - data/CVE

Stefan Fritsch stef-guest at costa.debian.org
Tue May 2 18:16:13 UTC 2006 

Author: stef-guest
Date: 2006-05-02 18:16:08 +0000 (Tue, 02 May 2006)
New Revision: 3909

Modified:
   data/CVE/list
Log:
remove old -XXXX entries that now have a CVE:
	amaya		CVE-2006-1900
	cyrus-sasl2	CVE-2006-1721
	wordpress	CVE-2006-1796
add some epochs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-05-02 17:45:00 UTC (rev 3908)
+++ data/CVE/list	2006-05-02 18:16:08 UTC (rev 3909)
@@ -747,10 +747,8 @@
 	- mozilla-firefox <not-affected> (problematic fix not backported into 1.0.4-2sarge5)
 CVE-2005-4785 (Cross-site scripting (XSS) vulnerability in QuickBlogger 1.4 and ...)
 	NOT-FOR-US: QuickBlogger
-CVE-2006-XXXX [two amaya buffer overflows]
-	- amaya <unfixed> (bug #362575)
 CVE-2006-XXXX [kphone stores SIP passwords in world readable files]
-	- kphone 4.2-3 (bug #337830; low)
+	- kphone 1:4.2-3 (bug #337830; low)
 CVE-2006-XXXX [resmgr access restriction bypass]
 	- resmgr 1.0-4 (low)
 CVE-2006-1789 (Directory traversal vulnerability in pajax_call_dispatcher.php in ...)
@@ -1116,8 +1114,6 @@
 	NOT-FOR-US: MAXdev MD-Pro
 CVE-2006-1676 (SQL injection vulnerability in the display function in the Topics ...)
 	NOT-FOR-US: MAXdev MD-Pro
-CVE-2006-XXXX [Cyrus SASL DIGEST-MD5 Pre-Authentication Denial of Service]
-	- cyrus-sasl2 <unfixed> (bug #361937)
 CVE-2006-1675 (Multiple cross-site scripting (XSS) vulnerabilities in PHPWebGallery ...)
 	NOT-FOR-US: PHPWebGallery
 CVE-2006-1674 (Cross-site scripting (XSS) vulnerability in search.php in ...)
@@ -2956,7 +2952,7 @@
 CVE-2003-1294 (Xscreensaver before 4.15 creates temporary files insecurely in (1) ...)
 	- xscreensaver 4.15-1
 CVE-2006-0883 (OpenSSH on FreeBSD 5.3 and 5.4, when used with OpenPAM, does not ...)
-	- openssh 3.8.1p1-4
+	- openssh 1:3.8.1p1-4
 	[woody] - openssh <not-affected>
 CVE-2006-0882 (Directory traversal vulnerability in include.php in Noah's Classifieds ...)
 	NOT-FOR-US: Noah's Classifieds
@@ -3124,7 +3120,7 @@
 CVE-2006-0805 (The CAPTCHA functionality in php-Nuke 6.0 through 7.9 uses fixed ...)
 	NOT-FOR-US: php-Nuke
 CVE-2006-0804 (Off-by-one error in TIN 1.8.0 and earlier might allow attackers to ...)
-	- tin 1.8.1 
+	- tin 1:1.8.1 
 CVE-2006-0803 (The signature verification functionality in the YaST Online Update ...)
 	NOT-FOR-US: YaSt Online Update
 CVE-2006-0802 (Cross-site scripting (XSS) vulnerability in the NS-Languages module ...)
@@ -3511,8 +3507,6 @@
 CVE-2006-XXXX [dpkg-sig: insecure temp file bug]
 	- dpkg-sig 0.13 (bug #352723; low)
 	[sarge] - dpkg-sig <no-dsa> (Only affected in debug mode)
-CVE-2006-XXXX [Wordpress XSS]
-	- wordpress 2.0.1-1 (bug #328909)
 CVE-2006-XXXX [pioneers meta-server DoS]
 	- pioneers 0.9.55-1 (bug #351986; medium)
 	[sarge] - gnocatan <not-affected> (Not exploitable in Sarge per maintainer)
@@ -7553,7 +7547,7 @@
 	- sysvconfig <not-affected> (sudo cleans env anyway)
 CVE-2005-3628 (Buffer overflow in the JBIG2Bitmap::JBIG2Bitmap function in ...)
 	{DSA-962-1 DSA-961-1 DSA-950-1 DSA-940-1 DSA-938-1 DSA-937-1 DSA-936-1 DSA-932-1 DSA-931-1 DTSA-28-1}
-	- kdegraphics 3.5.0-3
+	- kdegraphics 4:3.5.0-3
 	- gpdf 2.10.0-2 (bug #342286)
 	- xpdf 3.01-4
 	- koffice 1:1.4.2-6 (bug #342294)
@@ -7564,7 +7558,7 @@
 	{DSA-962-1 DSA-961-1 DSA-950-1 DSA-940-1 DSA-938-1 DSA-937-1 DSA-936-1 DSA-932-1 DSA-931-1 DTSA-28-1}
 	- poppler 0.4.4-1 (bug #346076)
 	- tetex <not-affected> (Links dynamically to poppler)
-	- kdegraphics 3.5.0-3
+	- kdegraphics 4:3.5.0-3
 	- gpdf 2.10.0-2 (bug #342286)
 	- xpdf 3.01-4
 	- koffice 1:1.4.2-6 (bug #342294)
@@ -7574,7 +7568,7 @@
 CVE-2005-3626 (Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, ...)
 	{DSA-962-1 DSA-961-1 DSA-950-1 DSA-940-1 DSA-938-1 DSA-937-1 DSA-936-1 DSA-932-1 DSA-931-1 DTSA-28-1}
 	- poppler 0.4.3-2
-	- kdegraphics 3.5.0-3
+	- kdegraphics 4:3.5.0-3
 	- xpdf 3.01-4
 	- gpdf 2.10.0-2 (bug #342286)
 	- koffice 1:1.4.2-6 (bug #342294)
@@ -7585,7 +7579,7 @@
 	{DSA-962-1 DSA-961-1 DSA-950-1 DSA-940-1 DSA-938-1 DSA-937-1 DSA-936-1 DSA-932-1 DSA-931-1 DTSA-28-1}
 	- poppler 0.4.4-1 (bug #346076)
 	- tetex <not-affected> (Links dynamically to poppler)
-	- kdegraphics 3.5.0-3
+	- kdegraphics 4:3.5.0-3
 	- xpdf 3.01-4
 	- gpdf 2.10.0-2 (bug #342286)
 	- koffice 1:1.4.2-6 (bug #342294)
@@ -7597,7 +7591,7 @@
 	- poppler 0.4.4-1 (bug #346076)
 	- tetex <not-affected> (Links dynamically to poppler)
 	- gpdf 2.10.0-2 (bug #342286)
-	- kdegraphics 3.5.0-3
+	- kdegraphics 4:3.5.0-3
 	- xpdf 3.01-4
 	- koffice 1:1.4.2-6 (bug #342294)
 	- libextractor 0.5.9-1
@@ -19428,7 +19422,7 @@
 CVE-2005-0460 (index.php in MercuryBoard 1.0.x and 1.1.x allows remote attackers to ...)
 	NOT-FOR-US: MercuryBoard
 CVE-2005-0459 (phpMyAdmin 2.6.2-dev, and possibly earlier versions, allows remote ...)
-	- phpmyadmin 2.6.2 (unimportant)
+	- phpmyadmin 4:2.6.2 (unimportant)
 	NOTE: From maintainer Piotr Roszatycki <Piotr_Roszatycki at netia.net.pl> : 
 	NOTE: I think it is not a problem on Debian as far as everybody knows the full
 	NOTE: path of phpMyAdmin is /usr/share/phpmyadmin.

More information about the Secure-testing-commits mailing list