[Secure-testing-commits] r4787 - in data: CVE DSA

Moritz Muehlenhoff jmm-guest at costa.debian.org
Sun Oct 1 08:31:53 UTC 2006


Author: jmm-guest
Date: 2006-10-01 08:31:52 +0000 (Sun, 01 Oct 2006)
New Revision: 4787

Modified:
   data/CVE/list
   data/DSA/list
Log:
mark another php issue as a non-issue
one ethereal issue has been fixed before, just wasn't noted as such


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-09-30 21:14:24 UTC (rev 4786)
+++ data/CVE/list	2006-10-01 08:31:52 UTC (rev 4787)
@@ -6952,8 +6952,10 @@
 	- php4 <not-affected> (substr_compare does not exist in PHP 4.4.2)
 	- php5 5.1.4-0.1 (bug #365312; medium)
 CVE-2006-1990 (Integer overflow in the wordwrap function in string.c in PHP 4.4.2 and ...)
-	- php4 4:4.4.2-1.1 (bug #365311; medium)
-	- php5 5.1.4-0.1 (bug #365312; medium)
+	- php4 4:4.4.2-1.1 (bug #365311; unimportant)
+	- php5 5.1.4-0.1 (bug #365312; unimportant)
+	NOTE: This could only be exploited by a malicious, local user, which is an
+	NOTE: unsupported use case
 CVE-2006-1989 (Buffer overflow in the get_database function in the HTTP client in ...)
 	{DSA-1050-1}
 	- clamav 0.88.2

Modified: data/DSA/list
===================================================================
--- data/DSA/list	2006-09-30 21:14:24 UTC (rev 4786)
+++ data/DSA/list	2006-10-01 08:31:52 UTC (rev 4787)
@@ -41,7 +41,7 @@
 	{CVE-2006-4095 CVE-2006-4096}
 	[sarge] - bind9 9.2.4-1sarge1
 [07 Sep 2006] DSA-1171 ethereal - several
-        {CVE-2006-4333 CVE-2005-3241 CVE-2005-3242 CVE-2005-3243 CVE-2005-3244 CVE-2005-3246 CVE-2005-3248}
+        {CVE-2006-4333 CVE-2005-3241 CVE-2005-3242 CVE-2005-3243 CVE-2005-3244 CVE-2005-3246 CVE-2005-3248 CVE-2005-3249}
         [sarge] - ethereal 0.10.10-2sarge8
 [06 Sep 2006] DSA-1170 gcc-3.4 - missing sanity check
         {CVE-2006-3619}




More information about the Secure-testing-commits mailing list