[Secure-testing-commits] r4876 - in data: CVE DSA

Moritz Muehlenhoff jmm-guest at costa.debian.org
Tue Oct 24 15:57:43 UTC 2006 

Author: jmm-guest
Date: 2006-10-24 15:57:41 +0000 (Tue, 24 Oct 2006)
New Revision: 4876

Modified:
   data/CVE/list
   data/DSA/list
Log:
webmin dsa
old linux-2.6 issue
qt4 fixed
koffice fixed


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-10-24 09:14:19 UTC (rev 4875)
+++ data/CVE/list	2006-10-24 15:57:41 UTC (rev 4876)
@@ -1340,7 +1340,7 @@
 CVE-2006-4820 (Unspecified vulnerability in X.25 on HP-UX B.11.00, B.11.11, and ...)
 	NOT-FOR-US: HP-UX
 CVE-2006-4819 (Heap-based buffer overflow in Opera 9.0 and 9.01 allows remote ...)
-	TODO: check
+	NOT-FOR-US: Opera
 CVE-2006-4818
 	RESERVED
 CVE-2006-4817
@@ -1352,13 +1352,13 @@
 CVE-2006-4814
 	RESERVED
 CVE-2006-4813 (The __block_prepare_write function in fs/buffer.c for Linux kernel ...)
-	TODO: check
+	- linux-2.6 2.6.13-1
 CVE-2006-4812 (Integer overflow in PHP 5 up to 5.1.6 and 4 before 4.3.0 allows remote ...)
 	- php4 <not-affected>
 	- php5 <unfixed> (bug #391586)
 CVE-2006-4811 (Integer overflow in Qt, as used in the KDE khtml library, kdelibs ...)
 	- qt-x11-free 3:3.3.7-1 (bug #394192; bug #394313)
-	- qt4-x11 <unfixed> (bug #394192)
+	- qt4-x11 4.2.1-1 (bug #394192)
 CVE-2006-4810
 	RESERVED
 CVE-2006-4809
@@ -2424,7 +2424,7 @@
 	- openssl097 0.9.7k-2
 	- openssl096 <removed>
 CVE-2006-4342 (The kernel in Red Hat Enterprise Linux 3, when running on SMP systems, ...)
-	TODO: check
+	- linux-2.6 <not-affected> (Flaw specific to Red Hat backport)
 CVE-2006-4341
 	REJECTED
 CVE-2006-4340 (Mozilla Network Security Service (NSS) library before 3.11.3, as used ...)
@@ -2885,7 +2885,6 @@
 CVE-2006-4146 (Buffer overflow in the (1) DWARF (dwarfread.c) and DWARF2 ...)
 	- gdb <unfixed> (unimportant)
 	NOTE: Every sensible use of gdb involves executing the debugged binary
-	TODO: file bug
 CVE-2006-4145 (The Universal Disk Format (UDF) filesystem driver in Linux kernel ...)
 	- linux-2.6 2.6.17-7
 CVE-2006-4143 (Netgear FVG318 running firmware 1.0.40 allows remote attackers to ...)
@@ -12044,7 +12043,7 @@
 	- kdegraphics 4:3.5.1-2 (medium)
 	- gpdf 2.10.0-3 (medium)
 	- xpdf 3.01-6 (bug #350785; bug #350783; medium)
-	- koffice <unfixed> (medium)
+	- koffice 1.5.0-1 (medium)
 	- libextractor 0.5.10-1 (medium)
 	- pdfkit.framework 0.8-4 (medium)
 CVE-2006-0300 (Buffer overflow in tar 1.14 through 1.15.90 allows user-assisted ...)

Modified: data/DSA/list
===================================================================
--- data/DSA/list	2006-10-24 09:14:19 UTC (rev 4875)
+++ data/DSA/list	2006-10-24 15:57:41 UTC (rev 4876)
@@ -1,3 +1,6 @@
+[23 Oct 2006] DSA-1199-1 webmin
+	{CVE-2005-3912 CVE-2006-3392 CVE-2006-4542}
+	[sarge] - webmin 1.180-3sarge1
 [23 Oct 2006] DSA-1198-1 python2.3
 	{CVE-2006-4980}
 	[sarge] - python2.3 2.3.5-3sarge2

More information about the Secure-testing-commits mailing list