[Secure-testing-commits] r3926 - in data: CVE DSA

Stefan Fritsch stef-guest at costa.debian.org
Tue May 9 17:04:10 UTC 2006 

Author: stef-guest
Date: 2006-05-09 17:04:03 +0000 (Tue, 09 May 2006)
New Revision: 3926

Modified:
   data/CVE/list
   data/DSA/list
Log:
remove three thunderbird issues not present in 1.0.x
some NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-05-09 16:31:37 UTC (rev 3925)
+++ data/CVE/list	2006-05-09 17:04:03 UTC (rev 3926)
@@ -49,7 +49,7 @@
 CVE-2006-2246 (Cross-site scripting (XSS) vulnerability in UBlog 1.6 Access Edition ...)
 	TODO: check
 CVE-2006-2245 (PHP remote file inclusion vulnerability in auction\auction_common.php ...)
-	TODO: check
+	NOT-FOR-US: Auction mod 1.3m for phpBB
 CVE-2006-2244 (Multiple SQL injection vulnerabilities in Web4Future News Portal allow ...)
 	TODO: check
 CVE-2006-2243 (Multiple cross-site scripting (XSS) vulnerabilities in Web4Future News ...)
@@ -103,19 +103,20 @@
 CVE-2006-2219
 	RESERVED
 CVE-2006-2218 (Unspecified vulnerability in Internet Explorer 6.0 on Microsoft ...)
-	TODO: check
+	NOT-FOR-US: MS IE
 CVE-2006-2217 (SQL injection vulnerability in index.php in Invision Power Board ...)
 	TODO: check
 CVE-2006-2216 (Open Bulletin Board (OpenBB) 1.0.8 allows remote attackers to obtain ...)
-	TODO: check
+	NOT-FOR-US: OpenBB
 CVE-2006-2215 (Multiple cross-site scripting (XSS) vulnerabilities in Albinator 2.x ...)
-	TODO: check
+	NOT-FOR-US: Albinator
 CVE-2005-4797 (Directory traversal vulnerability in printd line printer daemon (lpd) ...)
-	TODO: check
+	NOT-FOR-US: Solaris
 CVE-2005-4796 (Unspecified vulnerability in the XView library (libxview.so) in ...)
 	TODO: check
+	NOTE: says Solaris, but xview is also in Debian. Pinged Maintainer.
 CVE-2005-4795 (Unspecified vulnerability in the multi-language environment library ...)
-	TODO: check
+	NOT-FOR-US: Solaris
 CVE-2006-XXXX [pstotext insufficient filename sanitizing]
 	- pstotext 1.9-3 (bug #356988; medium)
 CVE-2006-XXXX [cyrus-imapd allows user probes]
@@ -239,19 +240,19 @@
 CVE-2006-2156 (Directory traversal vulnerability in help/index.php in X7 Chat 2.0 and ...)
 	TODO: check
 CVE-2006-2155 (EMC Retrospect for Windows 6.5 before 6.5.382, 7.0 before 7.0.344, and ...)
-	TODO: check
+	NOT-FOR-US: EMC Retrospect
 CVE-2006-2154 (EMC Retrospect for Windows 6.5 before 6.5.382, 7.0 before 7.0.344, and ...)
-	TODO: check
+	NOT-FOR-US: EMC Retrospect
 CVE-2006-2153 (Cross-site scripting (XSS) vulnerability in HTM_PASSWD in DirectAdmin ...)
 	TODO: check
 CVE-2006-2152 (PHP remote file inclusion vulnerability in admin/addentry.php in phpBB ...)
-	TODO: check
+	NOT-FOR-US: phpBB Advanced Guestbook
 CVE-2006-2151 (PHP remote file inclusion vulnerability in toplist.php in phpBB ...)
-	TODO: check
+	NOT-FOR-US: phpBB TopList
 CVE-2006-2150 (PHP remote file inclusion vulnerability in top/list.php in phpBB ...)
-	TODO: check
+	NOT-FOR-US: phpBB TopList
 CVE-2006-2149 (PHP remote file inclusion vulnerability in sources/lostpw.php in ...)
-	TODO: check
+	NOT-FOR-US: Aardvark Topsites
 CVE-2006-2147 (resmgrd in resmgr for SUSE Linux and other distributions does not ...)
 	TODO: check
 CVE-2006-2146 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)

Modified: data/DSA/list
===================================================================
--- data/DSA/list	2006-05-09 16:31:37 UTC (rev 3925)
+++ data/DSA/list	2006-05-09 17:04:03 UTC (rev 3926)
@@ -9,7 +9,7 @@
         {CVE-2006-2148}
         [sarge] - cgiirc 0.5.4-6sarge1
 [04 May 2006] DSA-1051-1 mozilla-thunderbird - several vulnerabilities
-        {CVE-2005-2353 CVE-2005-4134 CVE-2006-0292 CVE-2006-0293 CVE-2006-0296 CVE-2006-0748 CVE-2006-0749 CVE-2006-0884 CVE-2006-1045 CVE-2006-1529 CVE-2006-1530 CVE-2006-1531 CVE-2006-1723 CVE-2006-1724 CVE-2006-1727 CVE-2006-1728 CVE-2006-1729 CVE-2006-1730 CVE-2006-1731 CVE-2006-1732 CVE-2006-1733 CVE-2006-1734 CVE-2006-1735 CVE-2006-1736 CVE-2006-1737 CVE-2006-1738 CVE-2006-1739 CVE-2006-1740 CVE-2006-1741 CVE-2006-1742 CVE-2006-1790}
+        {CVE-2005-2353 CVE-2005-4134 CVE-2006-0292 CVE-2006-0293 CVE-2006-0296 CVE-2006-0748 CVE-2006-0749 CVE-2006-0884 CVE-2006-1045 CVE-2006-1723 CVE-2006-1724 CVE-2006-1727 CVE-2006-1728 CVE-2006-1729 CVE-2006-1730 CVE-2006-1731 CVE-2006-1732 CVE-2006-1733 CVE-2006-1734 CVE-2006-1735 CVE-2006-1736 CVE-2006-1737 CVE-2006-1738 CVE-2006-1739 CVE-2006-1740 CVE-2006-1741 CVE-2006-1742 CVE-2006-1790}
         [sarge] - mozilla-thunderbird 1.0.2-2.sarge1.0.8
 [02 May 2006] DSA-1050-1 clamav - buffer overflow
         {CVE-2006-1989}

More information about the Secure-testing-commits mailing list