[Secure-testing-commits] r3925 - in data: CVE DSA

Stefan Fritsch stef-guest at costa.debian.org
Tue May 9 16:31:41 UTC 2006 

Author: stef-guest
Date: 2006-05-09 16:31:37 +0000 (Tue, 09 May 2006)
New Revision: 3925

Modified:
   data/CVE/list
   data/DSA/list
Log:
mysql CVE ids
new DSAs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-05-09 16:13:09 UTC (rev 3924)
+++ data/CVE/list	2006-05-09 16:31:37 UTC (rev 3925)
@@ -228,11 +228,6 @@
 	TODO: check
 CVE-2006-2161 (Buffer overflow in TZipBuilder 1.79.03.01 allows remote attackers to ...)
 	TODO: check
-CVE-2006-XXXX [MySQL COM_TABLE_DUMP Information Leakage and Arbitrary command execution]
-	- mysql-dfsg-5.0 5.0.21-1 (bug #365939)
-	- mysql-dfsg-4.1 <unfixed> (bug #365939)
-	- mysql-dfsg <unfixed> (bug #365939)
-	- mysql <unfixed> (bug #365939)
 CVE-2006-2160 (Cross-site scripting (XSS) vulnerability in Russcom Network Loginphp ...)
 	TODO: check
 CVE-2006-2159 (CRLF injection vulnerability in help.php in Russcom Network Loginphp ...)
@@ -1818,11 +1813,20 @@
 CVE-2006-1519
 	RESERVED
 CVE-2006-1518 (Buffer overflow in the open_table function in sql_base.cc in MySQL ...)
-	TODO: check
+	- mysql-dfsg-5.0 5.0.21-1 (bug #365939; medium)
+	- mysql-dfsg-4.1 <unfixed> (bug #365939; medium)
+	- mysql-dfsg <unfixed> (bug #365939; medium)
+	- mysql <unfixed> (bug #365939; medium)
 CVE-2006-1517 (sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and ...)
-	TODO: check
+	- mysql-dfsg-5.0 5.0.21-1 (bug #365939; low)
+	- mysql-dfsg-4.1 <unfixed> (bug #365939; low)
+	- mysql-dfsg <unfixed> (bug #365939; low)
+	- mysql <unfixed> (bug #365939; low)
 CVE-2006-1516 (The check_connection function in sql_parse.cc in MySQL 4.0.x up to ...)
-	TODO: check
+	- mysql-dfsg-5.0 5.0.21-1 (bug #365939; low)
+	- mysql-dfsg-4.1 <unfixed> (bug #365939; low)
+	- mysql-dfsg <unfixed> (bug #365939; low)
+	- mysql <unfixed> (bug #365939; low)
 CVE-2006-1515 [typespeed buffer overflow]
 	RESERVED
 	- typespeed 0.4.4-10

Modified: data/DSA/list
===================================================================
--- data/DSA/list	2006-05-09 16:13:09 UTC (rev 3924)
+++ data/DSA/list	2006-05-09 16:31:37 UTC (rev 3925)
@@ -1,3 +1,23 @@
+[09 May 2006] DSA-1054-1 tiff - several vulnerabilities
+        {CVE-2006-2024 CVE-2006-2025 CVE-2006-2026}
+        [woody] - tiff 3.5.5-7woody1
+        [sarge] - tiff 3.7.2-3sarge1
+[09 May 2006] DSA-1053-1 mozilla - programming error
+        {CVE-2006-1993}
+        [sarge] - mozilla 2:1.7.8-1sarge6
+[08 May 2006] DSA-1052-1 cgiirc - buffer overflows
+        {CVE-2006-2148}
+        [sarge] - cgiirc 0.5.4-6sarge1
+[04 May 2006] DSA-1051-1 mozilla-thunderbird - several vulnerabilities
+        {CVE-2005-2353 CVE-2005-4134 CVE-2006-0292 CVE-2006-0293 CVE-2006-0296 CVE-2006-0748 CVE-2006-0749 CVE-2006-0884 CVE-2006-1045 CVE-2006-1529 CVE-2006-1530 CVE-2006-1531 CVE-2006-1723 CVE-2006-1724 CVE-2006-1727 CVE-2006-1728 CVE-2006-1729 CVE-2006-1730 CVE-2006-1731 CVE-2006-1732 CVE-2006-1733 CVE-2006-1734 CVE-2006-1735 CVE-2006-1736 CVE-2006-1737 CVE-2006-1738 CVE-2006-1739 CVE-2006-1740 CVE-2006-1741 CVE-2006-1742 CVE-2006-1790}
+        [sarge] - mozilla-thunderbird 1.0.2-2.sarge1.0.8
+[02 May 2006] DSA-1050-1 clamav - buffer overflow
+        {CVE-2006-1989}
+        [sarge] - clamav 0.84-2.sarge.9
+[02 May 2006] DSA-1049-1 ethereal - several vulnerabilities
+        {CVE-2006-1932 CVE-2006-1933 CVE-2006-1934 CVE-2006-1935 CVE-2006-1936 CVE-2006-1937 CVE-2006-1938 CVE-2006-1939 CVE-2006-1940}
+        [woody] - ethereal 0.9.4-1woody15
+        [sarge] - ethereal 0.10.10-2sarge5
 [01 May 2006] DSA-1048-1 asterisk - several vulnerabilities
         {CVE-2005-3559 CVE-2006-1827}
         [woody] - asterisk 0.1.11-3woody1

More information about the Secure-testing-commits mailing list