[Secure-testing-commits] r5435 - in data: CVE DSA

Moritz Muehlenhoff jmm-guest at alioth.debian.org
Sun Feb 11 18:02:08 UTC 2007


Author: jmm-guest
Date: 2007-02-11 19:02:04 +0100 (Sun, 11 Feb 2007)
New Revision: 5435

Modified:
   data/CVE/list
   data/DSA/list
Log:
new linux-2.6 issue
thunderbird DSA


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-02-10 00:51:16 UTC (rev 5434)
+++ data/CVE/list	2007-02-11 18:02:04 UTC (rev 5435)
@@ -446,12 +446,11 @@
 CVE-2007-0659 (download.php in the MuddyDogPaws FileDownload snippet before 2.5 for ...)
 	NOT-FOR-US: MODx MuddyDogPaws FileDownload
 CVE-2007-0658 (The (1) Textimage 4.7.x before 4.7-1.2 and 5.x before 5.x-1.1 module ...)
-	- drupal <not-affected> (Drupal module "Textimage")
+	NOT-FOR-US: Drupal addon module "Textimage"
 CVE-2007-0657 (Unspecified vulnerability in Nexuiz 2.2.2 allows remote attackers to ...)
 	- nexuiz 2.2.3-1 (medium)
 CVE-2007-0656 (PHP remote file inclusion vulnerability in includes/functions.php in ...)
-	- phpbb2 <not-affected>
-	NOTE: phpBB2-MODificat it is a module to phpbb2.
+	NOT-FOR-US: phpBB2-MODificat it is a module to phpbb2
 CVE-2007-0655
 	RESERVED
 CVE-2007-0654
@@ -712,7 +711,7 @@
 CVE-2007-0535 (Multiple eval injection vulnerabilities in Vote! Pro 4.0, and possibly ...)
 	NOT-FOR-US: Vote! Pro
 CVE-2007-0534 (Multiple cross-site scripting (XSS) vulnerabilities in the (1) Project ...)
-	- drupal <not-affected> (Drupal module "Project")
+	NOT-FOR-US: Drupal module "Project"
 CVE-2007-0533 (The AToZed IntraWeb component 8.0 and earlier for Borland Delphi and ...)
 	NOT-FOR-US: Borland Delphi
 CVE-2007-0532 (Tuan Do Uploader (aka php-uploader) 6 beta 1 stores sensitive ...)
@@ -765,11 +764,11 @@
 CVE-2007-0509 (Multiple unspecified vulnerabilities in MaklerPlus before 1.2 have ...)
 	NOT-FOR-US: MaklerPlus
 CVE-2007-0507 (SQL injection vulnerability in the Acidfree module for Drupal before ...)
-	- drupal <not-affected> (Drupal module "Acidfree")
+	NOT-FOR-US: Drupal module "Acidfree"
 CVE-2007-0506 (The project_issue_access function in the Project issue tracking 4.7.0 ...)
-	- drupal <not-affected> (Drupal module "Project")
+	NOT-FOR-US: Drupal module "Project"
 CVE-2007-0505 (Unrestricted file upload vulnerability in the Project issue tracking ...)
-	- drupal <not-affected> (Drupal module "Project")
+	NOT-FOR-US: Drupal module "Project"
 CVE-2007-0504 (Eval injection vulnerability in poll_frame.php in Vote! Pro 4.0, and ...)
 	NOT-FOR-US: Vote! Pro
 CVE-2007-0503 (Unspecified vulnerability in kcms_calibrate in Sun Solaris 8 and 9 ...)
@@ -2574,7 +2573,7 @@
 CVE-2007-0007
 	RESERVED
 CVE-2007-0006 (The key serial number collision avoidance code in the key_alloc_serial ...)
-	TODO: check
+	- linux-2.6 <unfixed>
 CVE-2007-0005
 	RESERVED
 CVE-2007-0004

Modified: data/DSA/list
===================================================================
--- data/DSA/list	2007-02-10 00:51:16 UTC (rev 5434)
+++ data/DSA/list	2007-02-11 18:02:04 UTC (rev 5435)
@@ -1,3 +1,6 @@
+[07 Jan 2007] DSA-1258-1 mozilla-thunderbird
+	{CVE-2006-6497 CVE-2006-6498 CVE-2006-6499 CVE-2006-6501 CVE-2006-6502 CVE-2006-6503}
+	[sarge] - mozilla-thunderbird 1.0.2-2.sarge1.0.8e.2
 [05 Feb 2007] DSA-1257 samba
         {CVE-2007-0452 CVE-2007-0454}
         [sarge] - samba 3.0.14a-3sarge4




More information about the Secure-testing-commits mailing list