[Secure-testing-commits] r4728 - data/CVE

Moritz Muehlenhoff jmm-guest at costa.debian.org
Thu Sep 14 17:46:58 UTC 2006 

Author: jmm-guest
Date: 2006-09-14 17:46:56 +0000 (Thu, 14 Sep 2006)
New Revision: 4728

Modified:
   data/CVE/list
Log:
two more unimportant issues
older lynx issue needs fixing in sid as well


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-09-14 17:35:10 UTC (rev 4727)
+++ data/CVE/list	2006-09-14 17:46:56 UTC (rev 4728)
@@ -15052,7 +15052,7 @@
 	NOT-FOR-US: Panda Antivirus
 CVE-2005-3229 (Multiple interpretation error in unspecified versions of ClamAV ...)
 	- clamav <unfixed> (unimportant)
-	[sarge] - clamav <no-dsa> (Should rather be fixed in the buggy (fringe) RAR unpackers)
+	NOTE: Should rather be fixed in the buggy (fringe, proprietary) RAR unpackers
 CVE-2005-3228 (Multiple interpretation error in unspecified versions of Ikarus ...)
 	NOT-FOR-US: Ikarus Antivirus
 CVE-2005-3227 (Multiple interpretation error in unspecified versions of UNA Antivirus ...)
@@ -15350,7 +15350,7 @@
 	TODO: Check, whether this version really fixes the issue, it's not mentioned in the changelog
 CVE-2005-3120 (Stack-based buffer overflow in the HTrjis function in Lynx 2.8.6 and ...)
 	{DSA-1085-1 DSA-876-1 DSA-874-1}
-	- lynx 2.8.5-2sarge1 (bug #335033; high)
+	- lynx <unfixed> (bug #335033; high)
 	- lynx-cur 2.8.6-16 (bug #334423; high)
 	- lynx-ssl <removed>
 CVE-2005-3118 (Mason before 1.0.0 does not install the init script after the user ...)
@@ -23341,9 +23341,8 @@
 CVE-2005-1040 (Multiple unknown vulnerabilities in netapplet in Novell Linux Desktop ...)
 	- netapplet <not-affected> (Not vulerable, see bug #310833)
 CVE-2005-1039 (Race condition in Core Utilities (coreutils) 5.2.1, when (1) mkdir, ...)
-	- coreutils <unfixed> (bug #304556; low)
-	[sarge] - coreutils <no-dsa> (Minor issue, hardly exploitable)
-	[woody] - coreutils <no-dsa> (Minor issue, hardly exploitable)
+	- coreutils <unfixed> (bug #304556; unimportant)
+	NOTE: Minor issue, generic UNIX design issue, see discussion in #304556)
 CVE-2005-1038 (crontab in Vixie cron 4.1, when running with the -e option, allows ...)
 	NOTE: long fixed in Debian's cron
 CVE-2005-1037 (Unknown vulnerability in AIX 5.3.0, when configured as an NIS client, ...)

More information about the Secure-testing-commits mailing list