[Secure-testing-commits] r5018 - data/CVE

Stefan Fritsch stef-guest at alioth.debian.org
Tue Nov 28 18:22:02 CET 2006


Author: stef-guest
Date: 2006-11-28 18:22:00 +0100 (Tue, 28 Nov 2006)
New Revision: 5018

Modified:
   data/CVE/list
Log:
- new (different) proftpd issue (medium)
- CVE-2006-6097: new tar issue (high)


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-11-28 17:01:33 UTC (rev 5017)
+++ data/CVE/list	2006-11-28 17:22:00 UTC (rev 5018)
@@ -1,6 +1,9 @@
+CVE-2006-XXXX [proftpd buffer overflow in mod_tls]
+	- proftpd-dfsg <unfixed> (medium; bug filed)
+	- proftpd <removed> (medium)
 CVE-2006-XXXX [gnupg buffer overflow in ask_outfile_name]
 	- gnupg 1.4.5-3 (medium)
-	- gnupg2 <unfixed> (medium)
+	- gnupg2 <unfixed> (medium; bug filed)
 CVE-2006-XXXX [tikiwiki script insertion vulnerability]
 	- tikiwiki 1.9.7+dfsg-1 (low)
 CVE-2006-XXXX [several security issues in phpmyadmin]
@@ -77,7 +80,7 @@
 CVE-2006-6098
 	RESERVED
 CVE-2006-6097 (GNU tar 1.16 and 1.15.1, and possibly other versions, allows ...)
-	TODO: check
+	- tar <unfixed> (high; bug #399845)
 CVE-2006-6096 (Cross-site scripting (XSS) vulnerability in activenews_search.asp in ...)
 	TODO: check
 CVE-2006-6095 (Multiple SQL injection vulnerabilities in ActiveNews Manager allow ...)




More information about the Secure-testing-commits mailing list