[Secure-testing-commits] r5384 - in data: CVE DSA

Moritz Muehlenhoff jmm-guest at alioth.debian.org
Tue Jan 30 02:11:42 CET 2007 

Author: jmm-guest
Date: 2007-01-30 02:11:38 +0100 (Tue, 30 Jan 2007)
New Revision: 5384

Modified:
   data/CVE/list
   data/DSA/list
Log:
fix netrik DSA version
one firefox issue unfixed in sarge
one firefox issue unimportant


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-01-29 20:14:12 UTC (rev 5383)
+++ data/CVE/list	2007-01-30 01:11:38 UTC (rev 5384)
@@ -1084,7 +1084,7 @@
 CVE-2006-6886 (phpwcms 1.2.5-DEV allows remote attackers to obtain sensitive ...)
 	NOT-FOR-US: phpwcms
 CVE-2006-6885 (An ActiveX control in SwDir.dll in Macromedia Shockwave 10 allows ...)
-	- flashplugin-nonfree <not-affected>
+	- flashplugin-nonfree <not-affected> (Windows-specific)
 CVE-2006-6884 (Buffer overflow in the WZFILEVIEW.FileViewCtrl.61 ActiveX control (aka ...)
 	NOT-FOR-US: Sky Software
 CVE-2006-6883 (** DISPUTED ** ...)
@@ -1688,7 +1688,7 @@
 CVE-2007-0010 [gtk error-handling-in-pixbuf-loaders]
 	RESERVED
 	- gtk+2.0 2.8.20-5
-	TODO: check gtk 1 ...
+	TODO: check gdk-pixbuf
 CVE-2007-0009
 	RESERVED
 CVE-2007-0008
@@ -13044,10 +13044,9 @@
 CVE-2006-1723 (Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, ...)
 	{DSA-1051-1 DSA-1046-1}
 	- firefox 1.5.dfsg+1.5.0.2 (medium)
-	- mozilla-firefox 1.5.dfsg+1.5.0.2 (medium)
+	- mozilla-firefox <unfixed> (medium)
 	- mozilla <unfixed> (medium)
 	- thunderbird 1.5.0.2-1 (low)
-	[sarge] - mozilla-thunderbird 1.0.2-2.sarge1.0.8 (low)
 	- xulrunner 1.8.0.1-9
 	NOTE: This is probably: https://bugzilla.mozilla.org/show_bug.cgi?id=320459
 CVE-2006-1722 (Cross-site scripting (XSS) vulnerability in suche.htm in ShopXS 4.0 ...)
@@ -21665,7 +21664,8 @@
 CVE-2005-3090 (Cross-site scripting (XSS) vulnerability in bug_actiongroup_page.php ...)
 	- mantis 0.19.2-4 (bug #330682; medium)
 CVE-2005-3089 (Firefox 1.0.6 allows attackers to cause a denial of service (crash) ...)
-	- mozilla-firefox 1.0.7-1
+	- mozilla-firefox 1.0.7-1 (unimportant)
+	NOTE: Browser crashes not treated as security problems
 CVE-2005-3088 (fetchmailconf before 1.49 in fetchmail 6.2.0, 6.2.5 and 6.2.5.2 ...)
 	{DSA-900-3}
 	- fetchmail 6.2.5.4-1 (bug #336096; low)

Modified: data/DSA/list
===================================================================
--- data/DSA/list	2007-01-29 20:14:12 UTC (rev 5383)
+++ data/DSA/list	2007-01-30 01:11:38 UTC (rev 5384)
@@ -10,7 +10,7 @@
 	[etch] - vlc 0.8.6-svn20061012.debian-3
 [21 Jan 2007] DSA-1251-1 netrik
 	{CVE-2006-6678}
-	[sarge] - netrik 1.15.4-1sarge1
+	[sarge] - netrik 1.15.3-1sarge1
 [17 Jan 2007] DSA-1250-1 cacti
 	{CVE-2006-6799}
 	[sarge] - cacti 0.8.6c-7sarge4

More information about the Secure-testing-commits mailing list