[Secure-testing-commits] r4762 - in data: CVE DSA

Moritz Muehlenhoff jmm-guest at costa.debian.org
Sun Sep 24 21:45:13 UTC 2006 

Author: jmm-guest
Date: 2006-09-24 21:45:09 +0000 (Sun, 24 Sep 2006)
New Revision: 4762

Modified:
   data/CVE/list
   data/DSA/list
Log:
new dsa
tcc resolved
mysql-ocaml issues unimportant, only at build time


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-09-24 20:41:32 UTC (rev 4761)
+++ data/CVE/list	2006-09-24 21:45:09 UTC (rev 4762)
@@ -10003,8 +10003,10 @@
 CVE-2006-0636 (desktop.php in eyeOS 0.8.9 and earlier tests for the existence of the ...)
 	NOT-FOR-US: eyeOS
 CVE-2006-0635 (Tiny C Compiler (TCC) 0.9.23 (aka TinyCC) evaluates the ...)
-	- tcc <unfixed> (bug #352202; low)
+	- tcc 0.9.23-3 (bug #352202; low)
 	[sarge] - tcc <no-dsa> (Only incorrect code gen, hardly any production use)
+	NOTE: Proper protection against integer overflows still need to be done inside
+	NOTE: the application compiled with TCC, the version above documents the behaviour
 CVE-2006-0634 (Borland C++Builder 6 (BCB6) with Update Pack 4 Enterprise edition ...)
 	NOT-FOR-US: Borland C++Builder
 CVE-2006-0633 (The make_password function in ipsclass.php in Invision Power Board ...)
@@ -21113,7 +21115,7 @@
 	NOT-FOR-US: sysreport
 CVE-2005-1759 (Race condition in shtool 2.0.1 and earlier allows local users to ...)
 	- shtool 2.0.1-2 (low)
-	- mysql-ocaml 1.0.3-6 (low)
+	- mysql-ocaml 1.0.3-6 (unimportant)
 	- php4 4:4.4.0-1 (low)
 	[sarge] - php4 4:4.3.10-16 (low)
 CVE-2005-1758 (Buffer overflow in the IMAP command continuation function in Novell ...)
@@ -21125,7 +21127,7 @@
 CVE-2005-1751 (Race condition in shtool 2.0.1 and earlier allows local users to ...)
 	{DSA-789-1 DTSA-15-1}
 	- shtool 2.0.1-2 (bug #311206; low)
-	- mysql-ocaml 1.0.3-6 (bug #314464; low)
+	- mysql-ocaml 1.0.3-6 (bug #314464; unimportant)
 	- php4 4:4.3.10-16 (low)
 	[sarge] - php4 4:4.3.10-16 (low)
 CVE-2004-2136 (dm-crypt on Linux kernel 2.6.x, when used on certain file systems ...)

Modified: data/DSA/list
===================================================================
--- data/DSA/list	2006-09-24 20:41:32 UTC (rev 4761)
+++ data/DSA/list	2006-09-24 21:45:09 UTC (rev 4762)
@@ -1,3 +1,6 @@
+[22 Sep 2006] DSA-1782-1 gnutls11
+	{CVE-2006-4790}
+	[sarge] - gnutls11 1.0.16-13.2sarge2 
 [19 Sep 2006] DSA-1781-1 gzip
 	{CVE-2006-4334 CVE-2006-4335 CVE-2006-4336 CVE-2006-4337 CVE-2006-4338}
 	[sarge] - gzip 1.3.5-10sarge2

More information about the Secure-testing-commits mailing list