[Secure-testing-commits] r4968 - data/CVE

Joey Hess joeyh at alioth.debian.org
Wed Nov 15 21:14:23 CET 2006


Author: joeyh
Date: 2006-11-15 21:14:22 +0100 (Wed, 15 Nov 2006)
New Revision: 4968

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-11-15 20:02:42 UTC (rev 4967)
+++ data/CVE/list	2006-11-15 20:14:22 UTC (rev 4968)
@@ -73,6 +73,7 @@
 CVE-2006-5849 (PHP remote file inclusion vulnerability in inc/irayofuncs.php in ...)
 	TODO: check
 CVE-2006-5848 (Cross-site request forgery (CSRF) vulnerability in Edgewall Trac 0.10 ...)
+	{DSA-1209}
 	TODO: check
 CVE-2006-5847 (Cross-site scripting (XSS) vulnerability in index.php in FreeWebshop ...)
 	TODO: check
@@ -1791,7 +1792,7 @@
 	TODO: check
 	NOTE: This may be a dupe of CVE-2006-4925
 CVE-2006-5051 (Signal handler race condition in OpenSSH before 4.4 allows remote ...)
-	{DSA-1189-1}
+	{DSA-1212 DSA-1189-1}
 	- openssh 1:4.3p2-4 (unimportant)
 	- openssh-krb5 <unfixed> (high)
 	NOTE: From my analysis only openssh with Kerberos support should be vulnerable
@@ -2068,7 +2069,7 @@
 	- openssh <unfixed> (unimportant)
 	NOTE: That's a non-issue
 CVE-2006-4924 (sshd in OpenSSH before 4.4, when using the version 1 SSH protocol, ...)
-	{DSA-1189-1}
+	{DSA-1212 DSA-1189-1}
 	- openssh 1:4.3p2-4 (low; bug #389995)
 	- openssh-krb5 <unfixed> (low)
 CVE-2006-4923 (Cross-site scripting (XSS) vulnerability in search.php in eSyndiCat ...)
@@ -2821,7 +2822,7 @@
 CVE-2006-4572 (Multiple unspecified vulnerabilities in netfilter for IPv6 code in ...)
 	TODO: check
 CVE-2006-4571 (Multiple unspecified vulnerabilities in Firefox before 1.5.0.7, ...)
-	{DSA-1192-1 DSA-1191-1}
+	{DSA-1210 DSA-1192-1 DSA-1191-1}
 	NOTE: MFSA-2006-64
 	- mozilla <unfixed> (high)
 	- firefox 1.5.dfsg+1.5.0.7-1 (high)
@@ -2840,7 +2841,7 @@
 	- thunderbird 1.5.0.7-1
 	[sarge] - mozilla-firefox <unfixed> (low)
 CVE-2006-4568 (Mozilla Firefox before 1.5.0.7 and SeaMonkey before 1.0.5 allows ...)
-	{DSA-1192-1 DSA-1191-1}
+	{DSA-1210 DSA-1192-1 DSA-1191-1}
 	NOTE: MFSA-2006-61
 	- mozilla <unfixed> (low)
 	- firefox 1.5.dfsg+1.5.0.7-1 (low)
@@ -2855,7 +2856,7 @@
 	[sarge] - mozilla-thunderbird <unfixed> (unimportant)
 	NOTE: The internal update mechanism is disabled in Debian
 CVE-2006-4566 (Mozilla Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and ...)
-	{DSA-1192-1 DSA-1191-1}
+	{DSA-1210 DSA-1192-1 DSA-1191-1}
 	NOTE: MFSA-2006-57
 	- mozilla <unfixed> (high)
 	- firefox 1.5.dfsg+1.5.0.7-1 (high)
@@ -2863,7 +2864,7 @@
 	- xulrunner 1.8.0.7-1 (high)
 	[sarge] - mozilla-firefox <unfixed> (high)
 CVE-2006-4565 (Heap-based buffer overflow in Mozilla Firefox before 1.5.0.7, ...)
-	{DSA-1192-1 DSA-1191-1}
+	{DSA-1210 DSA-1192-1 DSA-1191-1}
 	NOTE: MFSA-2006-57
 	- mozilla <unfixed> (high)
 	- firefox 1.5.dfsg+1.5.0.7-1 (high)
@@ -3375,7 +3376,7 @@
 CVE-2006-4341
 	REJECTED
 CVE-2006-4340 (Mozilla Network Security Service (NSS) library before 3.11.3, as used ...)
-	{DSA-1192-1 DSA-1191-1}
+	{DSA-1210 DSA-1192-1 DSA-1191-1}
 	NOTE: MFSA-2006-60, this is the similar to CVE-2006-4339
 	- mozilla <unfixed> (high)
 	- firefox 1.5.dfsg+1.5.0.7-1 (high)
@@ -3589,6 +3590,7 @@
 	- pdns-recursor 3.1.4-1 (bug #398559)
 	- pdns <not-affected> (Recursor module has been moved to pdns-recursor)
 CVE-2006-4251 (Buffer overflow in PowerDNS Recursor 3.1.3 and earlier might allow ...)
+	{DSA-1211}
 	- pdns-recursor 3.1.4-1 (bug #398557; high)
 	- pdns <not-affected> (Recursor module has been moved to pdns-recursor)
 CVE-2006-4250
@@ -6902,7 +6904,7 @@
 	NOTE: Verified that the patch has been applied in 2.4.0-1,
 	NOTE: may have been fixed earlier.
 CVE-2006-2788 (Double-free vulnerability in the getRawDER function for nsIX509Cert in ...)
-	{DSA-1192-1 DSA-1191-1}
+	{DSA-1210 DSA-1192-1 DSA-1191-1}
 	- mozilla <unfixed> (high)
 	- mozilla-firefox <unfixed> (high)
 	- firefox 1.5.dfsg+1.5.0.4 (high)




More information about the Secure-testing-commits mailing list