[Secure-testing-commits] r3942 - data/CVE
Stefan Fritsch
stef-guest at costa.debian.org
Fri May 12 12:36:35 UTC 2006
Author: stef-guest
Date: 2006-05-12 12:36:30 +0000 (Fri, 12 May 2006)
New Revision: 3942
Modified:
data/CVE/list
Log:
drupal bugnum
openssh fixed
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-05-12 10:56:53 UTC (rev 3941)
+++ data/CVE/list 2006-05-12 12:36:30 UTC (rev 3942)
@@ -75,7 +75,7 @@
CVE-2006-2261 (PHP remote file inclusion vulnerability in day.php in ACal 2.2.6 ...)
NOT-FOR-US: ACal
CVE-2006-2260 (Cross-site scripting (XSS) vulnerability in the project module ...)
- - drupal <unfixed> (bug filed; medium)
+ - drupal <unfixed> (bug #366947; medium)
CVE-2006-2259 (SQL injection vulnerability in Logon.asp in MaxxSchedule 1.0 allows ...)
NOT-FOR-US: MaxxSchedule
CVE-2006-2258 (Cross-site scripting (XSS) vulnerability in Logon.asp in MaxxSchedule ...)
@@ -4969,7 +4969,7 @@
CVE-2006-0226 (Integer overflow in IEEE 802.11 network subsystem (ieee80211_ioctl.c) ...)
NOT-FOR-US: freebsd kernel
CVE-2006-0225 (scp in OpenSSH 4.2p1 allows attackers to execute arbitrary commands ...)
- - openssh <unfixed> (low; bug #349645; bug #352254)
+ - openssh 1:4.3p2-1 (low; bug #349645; bug #352254)
[sarge] - openssh <no-dsa> (Protocol flaws inherited from rcp)
- dropbear 0.48-1 (unimportant)
NOTE: dropbear doesn't include scp in binary package
More information about the Secure-testing-commits
mailing list