[Secure-testing-commits] r4884 - data/CVE

Stefan Fritsch stef-guest at costa.debian.org
Wed Oct 25 18:19:00 UTC 2006


Author: stef-guest
Date: 2006-10-25 18:18:59 +0000 (Wed, 25 Oct 2006)
New Revision: 4884

Modified:
   data/CVE/list
Log:
- asterisk fixed
- new postgresql DoSs already fixed (low)
- CVE-2006-4573: new screen issue (medium)
- new diffmon issue fixed


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-10-25 02:55:21 UTC (rev 4883)
+++ data/CVE/list	2006-10-25 18:18:59 UTC (rev 4884)
@@ -1,3 +1,9 @@
+CVE-2006-XXXX [diffmon information leakage]
+	- diffmon 20020222-2.2 (bug #382132)
+CVE-2006-XXXX [postgres DoSs]
+	- postgresql-7.4 1:7.4.14-1
+	- postgresql-8.1 8.1.5-1
+	[sarge] - postgresql <unfixed> (low)
 CVE-2006-XXXX [serendipity XSS for registered authors]
 	- serendipity 1.0.2-1 (low)
 CVE-2006-XXXX [drupal XSS and XSRF http://secunia.com/advisories/22486/]
@@ -34,9 +40,9 @@
 CVE-2006-5446 (SQL injection vulnerability in lobby/config.php in Casinosoft Casino ...)
 	NOT-FOR-US: Casinosoft Casino Script (aka Masvet)
 CVE-2006-5445 (Unspecified vulnerability in the SIP channel driver ...)
-	- asterisk <unfixed> (medium; bug #395080)
+	- asterisk 1:1.2.13~dfsg-1 (medium; bug #395080)
 CVE-2006-5444 (Integer overflow in the get_input function in the Skinny channel ...)
-	- asterisk <unfixed> (medium; bug #395080)
+	- asterisk 1:1.2.13~dfsg-1 (medium; bug #395080)
 CVE-2006-5443 (Unspecified vulnerability in XIAO Gang WWW Interactive Mathematics ...)
 	- wims <unfixed> (bug #395102)
 CVE-2006-5442 (ViewVC 1.0.2 and earlier does not specify a charset in its HTTP ...)
@@ -1874,8 +1880,9 @@
 	RESERVED
 CVE-2006-4574
 	RESERVED
-CVE-2006-4573
+CVE-2006-4573 [GNU Screen UTF-8 Character Handling Vulnerabilities]
 	RESERVED
+	- screen <unfixed> (bug filed; medium)
 CVE-2006-4572
 	RESERVED
 CVE-2006-4571 (Multiple unspecified vulnerabilities in Firefox before 1.5.0.7, ...)




More information about the Secure-testing-commits mailing list