[Secure-testing-commits] r4036 - data/CVE

Stefan Fritsch stef-guest at costa.debian.org
Sun May 21 18:30:09 UTC 2006 

Author: stef-guest
Date: 2006-05-21 18:30:04 +0000 (Sun, 21 May 2006)
New Revision: 4036

Modified:
   data/CVE/list
Log:
VServer kernel patch is also in linux-2.6 source package.
Some linux kernel fixes.
Fixed wrong linux-2.6 version for CVE-2006-1846.
One linux-2.6 entry is actually NFU.



Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-05-21 15:32:19 UTC (rev 4035)
+++ data/CVE/list	2006-05-21 18:30:04 UTC (rev 4036)
@@ -450,15 +450,15 @@
 	{DSA-1059-1}
 	- quagga 0.99.4-1 (bug #366980; low)
 CVE-2006-2275 (Linux SCTP (lksctp) before 2.6.17 allows remote attackers to cause a ...)
-	- linux-2.6 <unfixed>
+	- linux-2.6 2.6.16-13
 CVE-2006-2274 (Linux SCTP (lksctp) before 2.6.17 allows remote attackers to cause a ...)
-	- linux-2.6 <unfixed>
+	- linux-2.6 2.6.16-13
 CVE-2006-2273 (The InstallProduct routine in the Verisign VUpdater.Install (aka ...)
-	- linux-2.6 <unfixed>
+	NOT-FOR-US: Verisign
 CVE-2006-2272 (Linux SCTP (lksctp) before 2.6.17 allows remote attackers to cause a ...)
-	- linux-2.6 <unfixed>
+	- linux-2.6 2.6.16-13
 CVE-2006-2271 (The ECNE chunk handling in Linux SCTP (lksctp) before 2.6.17 allows ...)
-	- linux-2.6 <unfixed>
+	- linux-2.6 2.6.16-13
 CVE-2005-4798 (Buffer overflow in NFS readlink handling in the Linux Kernel 2.4 up to ...)
 	TODO: check
 CVE-2006-2270 (PHP remote file inclusion vulnerability in includes/config.php in ...)
@@ -810,6 +810,7 @@
 CVE-2006-2110 (Virtual Private Server (Vserver) 2.0.x before 2.0.2-rc18 and 2.1.x ...)
 	{DSA-1060-1}
 	- kernel-patch-vserver 2:2.0.1-4 (low)
+	- linux-2.6 2.6.16-11 (low)
 CVE-2006-2109 (Cross-site scripting (XSS) vulnerability in the parse_query_str ...)
 	NOTE: #357204: request for removal
 	- jsboard 2.0.10-2 (bug #368305; low)
@@ -1399,7 +1400,7 @@
 CVE-2006-1865 (Beagle before 0.2.5 can produce certain insecure command lines to ...)
 	- beagle <unfixed> (bug #365371; medium)
 CVE-2006-1864 (Directory traversal vulnerability in smbfs in Linux 2.6.16 and earlier ...)
-	- linux-2.6 2.6.16-10
+	- linux-2.6 2.6.16-13
 CVE-2006-1863 (Directory traversal vulnerability in CIFS in Linux 2.6.16 and earlier ...)
 	- linux-2.6 2.6.16-10
 CVE-2006-1862

More information about the Secure-testing-commits mailing list