[Secure-testing-commits] r5012 - data/CVE
Stefan Fritsch
stef-guest at alioth.debian.org
Mon Nov 27 21:15:19 CET 2006
Author: stef-guest
Date: 2006-11-27 21:15:17 +0100 (Mon, 27 Nov 2006)
New Revision: 5012
Modified:
data/CVE/list
Log:
- new torrentflux issue (medium)
- CVE-2006-6015: konqueror issue is actually a libpcre issue (medium)
- linux-ftpd fixed (previous fix was faulty)
- new phpmyadmin issue fixed
- new tikiwiki issue fixed
- new smb4k issue fixed
- new tdiary issue fixed
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-11-27 11:14:44 UTC (rev 5011)
+++ data/CVE/list 2006-11-27 20:15:17 UTC (rev 5012)
@@ -1,3 +1,14 @@
+CVE-2006-XXXX [tikiwiki script insertion vulnerability]
+ - tikiwiki 1.9.7+dfsg-1
+CVE-2006-XXXX [several security issues in phpmyadmin]
+ - phpmyadmin 4:2.9.1.1-1 (bug #399329)
+ NOTE: PMASA-2006-7, PMASA-2006-8, PMASA-2006-9
+CVE-2006-XXXX [smb4k security issue]
+ - smb4k 0.7.5-1
+CVE-2006-XXXX [tdiary Cross Site Scripting]
+ - tdiary 2.1.4-4 (bug #400447)
+CVE-2006-XXXX [arbitrary code execution in metaInfo.php in torrentflux]
+ - torrentflux <unfixed> (bug #400582; medium)
CVE-2006-6129 (Integer overflow in the fatfile_getarch2 in Apple Mac OS X allows ...)
TODO: check
CVE-2006-6128 (The ReiserFS functionality in Linux kernel 2.6.18, and possibly other ...)
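Review bot: the new tikiwiki and smb4k entries carry neither a bug reference nor a NOTE naming an advisory, unlike the phpmyadmin entry (bug #399329, PMASA-2006-7 to -9) and the tdiary entry (bug #400447). All five additions are CVE-2006-XXXX placeholders with free-text descriptions such as "[smb4k security issue]", so a NOTE with the upstream advisory or changelog reference is what will let someone match them to real ids once those are assigned. The phpmyadmin entry also groups three PMASA advisories under one placeholder and may need splitting at that point.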
@@ -227,7 +238,7 @@
CVE-2006-6016 (wp-admin/user-edit.php in WordPress before 2.0.5 allows remote ...)
- wordpress 2.0.5-0.1
CVE-2006-6015 (Buffer overflow in the JavaScript implementation in Safari on Apple ...)
- - kdebase <unfixed> (medium; bug #400121)
+ - pcre3 <unfixed> (medium; bug #400121)
NOTE: konqueror 4:3.5.5a.dfsg.1-2 is vulnerable
CVE-2006-6014 (The NetBSD-current kernel before 20061028 does not properly perform ...)
NOT-FOR-US: NetBSD
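Review bot: after the package on the CVE-2006-6015 line changes from kdebase to pcre3, the unchanged NOTE "konqueror 4:3.5.5a.dfsg.1-2 is vulnerable" no longer explains itself, since konqueror is not the tracked package any more. Extend the NOTE to say that the flaw is in libpcre and konqueror is affected through it, which is what the commit log states. Bug #400121 is kept as is while the package changes, so it is worth confirming that the bug is now assigned to pcre3.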
@@ -243,7 +254,7 @@
CVE-2006-6009 (Unspecified vulnerability in the Java Runtime Environment (JRE) Swing ...)
- sun-java5 1.5.0-08-1
CVE-2006-6008 (ftpd in Linux Netkit (linux-ftpd) 0.17, and possibly other versions, ...)
- - linux-ftpd 0.17-22
+ - linux-ftpd 0.17-23
CVE-2006-6007 (save_profile.asp in WebEvents (Online Event Registration Template) 2.0 ...)
NOT-FOR-US: WebEvents (Online Event Registration Template)
CVE-2006-6006
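Review bot: the bump on the CVE-2006-6008 line from 0.17-22 to 0.17-23 leaves nothing in the entry to say why 0.17-22 is no longer treated as fixed; the reason ("previous fix was faulty") lives only in the commit log. Add a NOTE under the entry recording that 0.17-22 contained a faulty fix, so that anyone who checked their systems against the old version knows to re-check. The line also lacks the urgency and bug reference that the CVE-2006-5778 entry for the same package has.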
@@ -2858,7 +2869,7 @@
NOT-FOR-US: HP-UX
CVE-2006-5778 (ftpd in linux-ftpd 0.17, and possibly other versions, performs a chdir ...)
{DSA-1217}
- - linux-ftpd 0.17-22 (low; bug #384454)
+ - linux-ftpd 0.17-23 (low; bug #384454)
CVE-2006-XXXX [ejabberd HTML code injection]
- ejabberd 1.1.1-8
CVE-2006-4792
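Review bot: on the CVE-2006-5778 entry the fixed version moves from 0.17-22 to 0.17-23, but the {DSA-1217} tag directly above it is left untouched. If the fix in 0.17-22 was faulty, as the log says for linux-ftpd, please confirm whether the package shipped with the DSA carries the same patch and record the outcome in a NOTE, so the entry does not imply that the DSA is sufficient when that has not been checked.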