[Secure-testing-commits] r4034 - data/CVE

Alec Berryman alec-guest at costa.debian.org
Sun May 21 15:01:16 UTC 2006 

Author: alec-guest
Date: 2006-05-21 15:01:11 +0000 (Sun, 21 May 2006)
New Revision: 4034

Modified:
   data/CVE/list
Log:
* two unfixed linux-2.6 vulns
* one long fixed linux-2.6 vuln
* NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-05-21 14:28:40 UTC (rev 4033)
+++ data/CVE/list	2006-05-21 15:01:11 UTC (rev 4034)
@@ -1177,7 +1177,7 @@
 CVE-2006-1954 (SQL injection vulnerability in authent.php4 in Nicolas Fischer (aka ...)
 	NOT-FOR-US: RechnungsZentrale
 CVE-2006-1953 (Directory traversal vulnerability in Caucho Resin 3.0.17 and 3.0.18 ...)
-	TODO: check
+	NOT-FOR-US: Caucho
 CVE-2006-1952 (Directory traversal vulnerability in WinAgents TFTP Server for Windows ...)
 	NOT-FOR-US: WinAgents TFTP Server for Windows
 CVE-2006-1951 (Directory traversal vulnerability in SolarWinds TFTP Server 8.1 and ...)
@@ -1407,9 +1407,9 @@
 CVE-2006-1861
 	RESERVED
 CVE-2006-1860 (lease_init in fs/locks.c in Linux kernel before 2.6.16.16 allows ...)
-	TODO: check
+	- linux-2.6 <unfixed>
 CVE-2006-1859 (Memory leak in __setlease in fs/locks.c in Linux kernel before ...)
-	TODO: check
+	- linux-2.6 <unfixed>
 CVE-2006-1858
 	RESERVED
 CVE-2006-1857
@@ -1417,7 +1417,8 @@
 CVE-2006-1856 (Certain modifications to the Linux kernel 2.6.16 and earlier do not ...)
 	TODO: check
 CVE-2006-1855 (choose_new_parent in Linux kernel before 2.6.11.12 includes certain ...)
-	TODO: check
+	NOTE: probably fixed before, but this is the oldest linux-2.6 in the changelog
+	- linux-2.6 2.6.12-1
 CVE-2006-1854 (** DISPUTED ** ...)
 	NOT-FOR-US: BluePay Manager
 CVE-2006-1853 (Multiple SQL injection vulnerabilities in ModernBill 4.3.2 and earlier ...)
@@ -2532,7 +2533,7 @@
 CVE-2006-1452 (Stack-based buffer overflow in Preview in Apple Mac OS 10.4 up to ...)
 	NOT-FOR-US: Apple
 CVE-2006-1451 (MySQL Manager in Apple Mac OS X 10.3.9 and 10.4.6, when setting up a ...)
-	TODO: check
+	NOT-FOR-US: MySQL Manager
 CVE-2006-1450 (Mail in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to ...)
 	NOT-FOR-US: Apple
 CVE-2006-1449 (Integer overflow in Mail in Apple Mac OS X 10.3.9 and 10.4.6 allows ...)
@@ -3162,7 +3163,7 @@
 CVE-2006-1173
 	RESERVED
 CVE-2006-1172 (Stack-based buffer overflow in the createPKCS10 function in ...)
-	TODO: check
+	NOT-FOR-US: ActiveX control
 CVE-2006-1171
 	RESERVED
 CVE-2006-1170

More information about the Secure-testing-commits mailing list