[Secure-testing-commits] r4842 - data/CVE

Stefan Fritsch stef-guest at costa.debian.org
Wed Oct 11 18:13:10 UTC 2006 

Author: stef-guest
Date: 2006-10-11 18:13:08 +0000 (Wed, 11 Oct 2006)
New Revision: 4842

Modified:
   data/CVE/list
Log:
- one kfreebsd issue fixed
- busybox httpd issue irreproducible


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-10-11 17:44:26 UTC (rev 4841)
+++ data/CVE/list	2006-10-11 18:13:08 UTC (rev 4842)
@@ -376,7 +376,7 @@
 	NOTE: From my analysis only openssh with Kerberos support should be vulnerable
 	NOTE: However, we'll fix openssh as well just to make sure
 CVE-2006-5050 (Directory traversal vulnerability in httpd in Rob Landley BusyBox ...)
-	- busybox <unfixed> (bug #390555; low)
+	- busybox <not-affected> (bug #390555; irreproducible)
 	[sarge] - busybox <not-affected> (Vulnerable code not present)
 CVE-2006-5049 (Unspecified vulnerability in Classifieds (com_classifieds) component ...)
 	NOT-FOR-US: Classifieds (com_classifieds) component for Joomla!
@@ -2033,7 +2033,7 @@
 	{DSA-1190-1}
 	- maxdb-7.5.00 7.5.00.34-5 (high; bug #386182)
 CVE-2006-4304 (Buffer overflow in the sppp driver in FreeBSD 4.11 through 6.1, NetBSD ...)
-	- kfreebsd-5 <unfixed> (bug #391289)
+	- kfreebsd-5 5.4-18 (bug #391289)
 	[etch] - kfreebsd-5 <no-dsa> (Etch doesn't have security support for the FreeBSD kernel)
 CVE-2006-4303 (Race condition in (1) libnsl and (2) TLI/XTI API routines in Sun ...)
 	NOT-FOR-US: Solaris
@@ -2325,7 +2325,7 @@
 CVE-2006-4179
 	RESERVED
 CVE-2006-4178 (Integer signedness error in the i386_set_ldt call in FreeBSD 5.5, and ...)
-	- kfreebsd-5 <unfixed> (bug #391289)
+	- kfreebsd-5 <unfixed> (bug #391289; low)
 	[etch] - kfreebsd-5 <no-dsa> (Etch doesn't have security support for the FreeBSD kernel)
 CVE-2006-4177
 	RESERVED
@@ -2338,7 +2338,7 @@
 CVE-2006-4173
 	RESERVED
 CVE-2006-4172 (Integer overflow vulnerability in the i386_set_ldt call in FreeBSD ...)
-	- kfreebsd-5 <unfixed> (bug #391289)
+	- kfreebsd-5 <unfixed> (bug #391289; low)
 	[etch] - kfreebsd-5 <no-dsa> (Etch doesn't have security support for the FreeBSD kernel)
 CVE-2006-4171
 	RESERVED

More information about the Secure-testing-commits mailing list