[Secure-testing-commits] r3917 - data/CVE

[Stefan Fritsch]

Author: stef-guest
Date: 2006-05-05 07:34:53 +0000 (Fri, 05 May 2006)
New Revision: 3917

Modified:
   data/CVE/list
Log:
firefox fixed in 1.5.0.3
new linux sctp issue
new quagga issue
couldn't find cve for new mysql issue




Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-05-03 21:14:23 UTC (rev 3916)
+++ data/CVE/list	2006-05-05 07:34:53 UTC (rev 3917)
@@ -1,5 +1,10 @@
 CVE-2006-2161
 	RESERVED
+CVE-2006-XXXX [MySQL COM_TABLE_DUMP Information Leakage and Arbitrary command execution]
+	- mysql-dfsg-5.0 5.0.21-1 (bug #365939)
+	- mysql-dfsg-4.1 <unfixed> (bug #365939)
+	- mysql-dfsg <unfixed> (bug #365939)
+	- mysql <unfixed> (bug #365939)
 CVE-2006-2160 (Cross-site scripting (XSS) vulnerability in Russcom Network Loginphp ...)
 	TODO: check
 CVE-2006-2159 (CRLF injection vulnerability in help.php in Russcom Network Loginphp ...)
@@ -396,7 +401,7 @@
 CVE-2006-1977 (Cross-site scripting (XSS) vulnerability in FlexBB 0.5.7 BETA and ...)
 	NOT-FOR-US: FlexBB
 CVE-2006-1993 (Mozilla Firefox 1.5.0.2, when designMode is enabled, allows remote ...)
-	- firefox 1.5.dfsg+1.5.0.2-2
+	- firefox 1.5.dfsg+1.5.0.3-1
 	[sarge] - mozilla-firefox <not-affected>
 CVE-2006-XXXX [typo3 mailforms can be abused to send spam]
 	- typo3-src <unfixed> (bug #364350)
@@ -1564,8 +1569,9 @@
 	NOTE: default configuration.
 CVE-2006-1528
 	RESERVED
-CVE-2006-1527
+CVE-2006-1527 [SCTP conntrack: fix infinite loop]
 	RESERVED
+	- linux-2.6 2.6.16-12 (low)
 CVE-2006-1526 (Buffer overflow in the Xrender extension in X.org X server 6.8.0 up to ...)
 	- xorg-server 1:1.0.2-8
 CVE-2006-1525 (ip_route_input in Linux kernel 2.6 before 2.6.16.8 allows local users ...)
@@ -1580,8 +1586,9 @@
 	RESERVED
 CVE-2006-1520
 	RESERVED
-CVE-2006-1519
+CVE-2006-1519 [quagga RIPD unauthenticated route injection]
 	RESERVED
+	- quagga 0.99.3-2 (bug #365940)
 CVE-2006-1518
 	RESERVED
 CVE-2006-1517