[Secure-testing-commits] r3970 - data/CVE

Joey Hess joeyh at costa.debian.org
Thu May 18 21:14:28 UTC 2006


Author: joeyh
Date: 2006-05-18 21:14:24 +0000 (Thu, 18 May 2006)
New Revision: 3970

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-05-18 20:24:25 UTC (rev 3969)
+++ data/CVE/list	2006-05-18 21:14:24 UTC (rev 3970)
@@ -27,7 +27,7 @@
 CVE-2006-2347 (E-Business Designer (eBD) 3.1.4 and earlier allows remote attackers to ...)
 	NOT-FOR-US: E-Business Designer
 CVE-2006-2346 (vpopmail 5.4.14 and 5.4.15, with cleartext passwords enabled, allows ...)
-        - vpopmail <not-affected> (vulnerability introduced in 5.4.14)
+	- vpopmail <not-affected> (vulnerability introduced in 5.4.14)
 	NOTE: Unable to reach CVS to determine if prior versions are affected
 	NOTE: Micah will return to this one
 CVE-2006-2345 (Cross-site scripting (XSS) vulnerability in inc/elementz.php in ...)
@@ -253,6 +253,7 @@
 CVE-2006-2238 (Heap-based buffer overflow in Apple QuickTime 7.1 allows remote ...)
 	TODO: check
 CVE-2006-2237 (The web interface for AWStats 6.4 and 6.5, when statistics updates are ...)
+	{DSA-1058-1}
 	- awstats 6.5-2 (bug #365909; medium)
 CVE-2006-2236 (Buffer overflow in the Quake 3 Engine, as used by (1) ET 2.60, (2) ...)
 	- quake3 <itp> (bug #337937)




More information about the Secure-testing-commits mailing list