[Secure-testing-commits] r4758 - data/CVE

Stefan Fritsch stef-guest at costa.debian.org
Sun Sep 24 19:11:53 UTC 2006 

Author: stef-guest
Date: 2006-09-24 19:11:52 +0000 (Sun, 24 Sep 2006)
New Revision: 4758

Modified:
   data/CVE/list
Log:
mailman, spread, ipcalc, alsaplayer fixed

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-09-24 15:32:05 UTC (rev 4757)
+++ data/CVE/list	2006-09-24 19:11:52 UTC (rev 4758)
@@ -615,7 +615,7 @@
 CVE-2006-4625 (PHP 4.x up to 4.4.4 and PHP 5 up to 5.1.6 allows local users to bypass ...)
 	TODO: check
 CVE-2006-4624 (CRLF injection vulnerability in Utils.py in Mailman before 2.1.9rc1 ...)
-	TODO: check
+	- mailman 1:2.1.8-3
 CVE-2006-4623 (The Unidirectional Lightweight Encapsulation (ULE) decapsulation ...)
 	TODO: check
 CVE-2002-2217 (Multiple PHP remote file inclusion vulnerabilities in Web Server ...)
@@ -1851,7 +1851,7 @@
 	NOT-FOR-US: Webligo BlogHoster
 CVE-2006-4089 (Multiple buffer overflows in Andy Lo-A-Foe AlsaPlayer 0.99.76 and ...)
 	{DSA-1779-1}
-	- alsaplayer <unfixed> (medium; bug #382842)
+	- alsaplayer 0.99.76-9 (medium; bug #382842)
 CVE-2006-4088 (Multiple cross-site scripting (XSS) vulnerabilities in CivicSpace ...)
 	NOT-FOR-US: CivicSpace
 CVE-2006-4087 (Cross-site scripting (XSS) vulnerability in admin.cgi in ...)
@@ -2376,7 +2376,7 @@
 CVE-2006-3849 (Stack-based buffer overflow in Warzone 2100 and Warzone Resurrection ...)
 	NOT-FOR-US: Warzone
 CVE-2006-3848 (Cross-site scripting (XSS) vulnerability in CGI wrapper for IP ...)
-	NOT-FOR-US: ipcalc <unfixed> (bug #381469; low)
+	- ipcalc 0.41-1 (bug #381469; low)
 CVE-2006-3847 (PHP remote file inclusion vulnerability in (1) admin.php, and possibly ...)
 	NOT-FOR-US: MoSpray
 CVE-2006-3846 (PHP remote file inclusion vulnerability in extadminmenus.class.php in ...)
@@ -2921,7 +2921,7 @@
 CVE-2006-3637 (Microsoft Internet Explorer 5.01 SP4 and 6 does not properly handle ...)
 	NOT-FOR-US: Microsoft
 CVE-2006-3636 (Multiple cross-site scripting (XSS) vulnerabilities in Mailman before ...)
-	- mailman <unfixed>
+	- mailman 1:2.1.8-3
 CVE-2006-3635
 	RESERVED
 CVE-2006-3634 (The (1) __futex_atomic_op and (2) futex_atomic_cmpxchg_inatomic ...)
@@ -4026,7 +4026,7 @@
 	{DSA-1124}
 	- fbi 2.05-1
 CVE-2006-3118 (spread uses a temporary file with a static filename based on the port ...)
-	- spread <unfixed> (bug #375617; low)
+	- spread 3.17.3-4 (bug #375617; low)
 	[sarge] - spread <no-dsa> (Minimal security implications)
 CVE-2006-3117 (Heap-based buffer overflow in OpenOffice.org (aka StarOffice) 1.1.x up ...)
 	{DSA-1104}
@@ -4416,7 +4416,7 @@
 CVE-2006-2942 (TWiki 4.0.0, 4.0.1, and 4.0.2 allows remote attackers to gain Twiki ...)
 	- twiki <not-affected> (Debian's version is old and does not include affected file)
 CVE-2006-2941 (Mailman before 2.1.9rc1 allows remote attackers to cause a denial of ...)
-	- mailman <unfixed>
+	- mailman 1:2.1.8-3
 CVE-2006-2940
 	RESERVED
 CVE-2006-2939

More information about the Secure-testing-commits mailing list