[Secure-testing-commits] r4727 - data/CVE

Moritz Muehlenhoff jmm-guest at costa.debian.org
Thu Sep 14 17:35:11 UTC 2006 

Author: jmm-guest
Date: 2006-09-14 17:35:10 +0000 (Thu, 14 Sep 2006)
New Revision: 4727

Modified:
   data/CVE/list
Log:
bind8 not-affected by latest issues
mark two non-issues as unimportant
fix lynx version


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-09-13 20:41:57 UTC (rev 4726)
+++ data/CVE/list	2006-09-14 17:35:10 UTC (rev 4727)
@@ -1380,14 +1380,12 @@
 	RESERVED
 CVE-2006-4096 (BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to ...)
 	{DSA-1772-1}
-	- bind <unfixed> (medium)
+	- bind <not-affected> (Not vulnerable according to CERT advisory)
 	- bind9 1:9.3.2-P1-1 (medium; bug #386245)
-	NOTE: there is no info whether bind 8 is affected
 CVE-2006-4095 (BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers ...)
 	{DSA-1772-1}
-	- bind <unfixed> (medium)
+	- bind <not-affected> (Not vulnerable according to CERT advisory)
 	- bind9 1:9.3.2-P1-1 (medium; bug #386245)
-	NOTE: there is no info whether bind 8 is affected
 CVE-2006-4094
 	RESERVED
 CVE-2006-4093 (Linux kernel 2.x.6 before 2.6.17.9 and 2.4.x before 2.4.33.1 on ...)
@@ -13548,8 +13546,9 @@
 CVE-2005-3661 (Dell TrueMobile 2300 Wireless Broadband Router running firmware ...)
 	NOT-FOR-US: Dell hardware issue
 CVE-2005-3660 (Linux kernel 2.4 and 2.6 allows attackers to cause a denial of service ...)
-	- linux-2.6 <unfixed> (low)
-	NOTE: Really hard to fix design limitation, no fix to be expected soon
+	- linux-2.6 <unfixed> (unimportant)
+	NOTE: Design limitation, for rare corner cases, where this poses a problem advanced
+	NOTE: resource management systems can be deployed
 CVE-2005-3659 (nsrd.exe in EMC Legato NetWorker 7.1.x before 7.1.4 and 7.2.x before ...)
 	NOT-FOR-US: EMC Legato NetWorker
 CVE-2005-3658 (Multiple heap-based buffer overflows in EMC Legato NetWorker 7.1.x ...)
@@ -25194,7 +25193,7 @@
 	NOT-FOR-US: Tonecast
 CVE-2004-1617 (Lynx and lynx-ssl allow remote attackers to cause a denial of service ...)
 	{DSA-1077-1 DSA-1076-1}
-	- lynx 2.8.5-2sarge1.2 (bug #296340; low)
+	- lynx 2.8.5-2sarge2.1 (bug #296340; low)
 	- lynx-cur 2.8.6-6 (low)
 	- lynx-ssl <removed>
 CVE-2004-1616 (Links allows remote attackers to cause a denial of service (memory ...)
@@ -26957,10 +26956,9 @@
 CVE-2005-0024
 	RESERVED
 CVE-2005-0023 (gnome-pty-helper in GNOME libzvt2 and libvte4 allows local users to ...)
-	- gnome-libs <unfixed> (bug #329156; low)
-	- vte <unfixed> (bug #330907; low)
-	[sarge] - vte <no-dsa> (Not considered a security problem, see #329156)
-	[sarge] - gnome-libs <no-dsa> (Not considered a security problem, see #329156)
+	- gnome-libs <unfixed> (bug #329156; unimportant)
+	- vte <unfixed> (bug #330907; unimportant)
+	NOTE: Not considered a security problem, see #329156
 CVE-2005-0022 (Buffer overflow in the spa_base64_to_bits function in Exim before ...)
 	- exim4 4.34-10
 CVE-2005-0021 (Multiple buffer overflows in Exim before 4.43 may allow attackers to ...)

More information about the Secure-testing-commits mailing list