[Secure-testing-commits] r4062 - data/CVE
Florian Weimer
fw at costa.debian.org
Tue May 23 18:56:41 UTC 2006
Author: fw
Date: 2006-05-23 18:56:38 +0000 (Tue, 23 May 2006)
New Revision: 4062
Modified:
data/CVE/list
Log:
CVE-2006-2313, CVE-2006-2314: PostgreSQL
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-05-23 12:36:26 UTC (rev 4061)
+++ data/CVE/list 2006-05-23 18:56:38 UTC (rev 4062)
@@ -370,10 +370,24 @@
NOT-FOR-US: Intel Windows software
CVE-2006-2315 (PHP remote file inclusion vulnerability in session.inc.php in ...)
NOT-FOR-US: ISPConfig
-CVE-2006-2314
+CVE-2006-2314 [PostgreSQL string encoding interpretation conflict]
RESERVED
-CVE-2006-2313
+ - postgresql 7.5.4 (medium; bug #368645)
+ - postgresql-7.4 <unfixed> (medium)
+ - postgresql-8.0 <unfixed> (medium)
+ - postgresql-8.1 <unfixed> (medium)
+ NOTE: Beginning with version 7.5.4, postgresql is a transition
+ NOTE: package which does not contain actual code. That's why
+ NOTE: it's marked as fixed here. (Previous versions are vulnerable.)
+CVE-2006-2313 [Too lenient UTF-8 etc. decoders in PostgreSQL]
RESERVED
+ - postgresql 7.5.4 (high; bug #368645)
+ - postgresql-7.4 <unfixed> (high)
+ - postgresql-8.0 <unfixed> (high)
+ - postgresql-8.1 <unfixed> (high)
+ NOTE: Beginning with version 7.5.4, postgresql is a transition
+ NOTE: package which does not contain actual code. That's why
+ NOTE: it's marked as fixed here. (Previous versions are vulnerable.)
CVE-2006-2312 (Unspecified vulnerability in the URI handler in Skype 2.0.*.104 and ...)
NOT-FOR-US: Skype
CVE-2006-2311
More information about the Secure-testing-commits
mailing list