[Secure-testing-commits] r4935 - data/CVE

[Stefan Fritsch]

Author: stef-guest
Date: 2006-11-08 20:20:43 +0100 (Wed, 08 Nov 2006)
New Revision: 4935

Modified:
   data/CVE/list
Log:
- new obexpushd issue fixed (medium)
- new motion issue fixed (low)
- CVE-2006-5702/3: new tikiwiki issues fixed
- linux issue fixed


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-11-08 18:41:23 UTC (rev 4934)
+++ data/CVE/list	2006-11-08 19:20:43 UTC (rev 4935)
@@ -1,3 +1,7 @@
+CVE-2006-XXXX [obexpushd arbitrary command execution]
+	- obexpushd 0.4+svn10-1 (bug #397297; medium)
+CVE-2006-XXXX [motion insecure tempfile creation]
+	- motion 3.2.3-2 (bug #393846; low)
 CVE-2006-5792 (Unspecified vulnerability in XLink Omni-NFS Enterprise allows remote ...)
 	TODO: check
 CVE-2006-5791 (Multiple cross-site scripting (XSS) vulnerabilities in elogd.c in ELOG ...)
@@ -173,9 +177,9 @@
 CVE-2006-5704 (HP NonStop Server G06.29, when running Standard Security T6533G06 ...)
 	TODO: check
 CVE-2006-5703 (Cross-site scripting (XSS) vulnerability in tiki-featured_link.php in ...)
-	TODO: check
+	- tikiwiki 1.9.6+dfsg-1 (low)
 CVE-2006-5702 (Tikiwiki 1.9.5 allows remote attackers to obtain sensitive information ...)
-	TODO: check
+	- tikiwiki 1.9.6+dfsg-1 (medium)
 CVE-2006-5701 (Double free vulnerability in squashfs module in the Linux kernel ...)
 	TODO: check
 CVE-2006-5700
@@ -1283,7 +1287,7 @@
 CVE-2006-5175 (Cross-site request forgery (CSRF) vulnerability in the administrative ...)
 	NOT-FOR-US: TeraStation HD-HTGL
 CVE-2006-5174 (The copy_from_user function in the uaccess code in Linux kernel 2.6 ...)
-	- linux-2.6 <unfixed>
+	- linux-2.6 2.6.18-5
 	NOTE: s390 only, fix in 2.6.18-3 was reverted in 2.6.18-4
 CVE-2006-5173 (Linux kernel does not properly save or restore EFLAGS during a context ...)
 	- linux-2.6 2.6.18-1