[Secure-testing-commits] r5391 - in data: CVE DSA

Moritz Muehlenhoff jmm-guest at alioth.debian.org
Wed Jan 31 23:11:17 CET 2007


Author: jmm-guest
Date: 2007-01-31 23:11:14 +0100 (Wed, 31 Jan 2007)
New Revision: 5391

Modified:
   data/CVE/list
   data/DSA/list
Log:
two new DSAs
phpbb issue already adressed


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-01-31 19:38:54 UTC (rev 5390)
+++ data/CVE/list	2007-01-31 22:11:14 UTC (rev 5391)
@@ -207,10 +207,10 @@
 	- chmlib 2:0.39-1 (bug #408603; medium)
 CVE-2007-0494 (ISC BIND 9.0.x, 9.1.x, 9.2.0 up to 9.2.7, 9.3.0 up to 9.3.3, 9.4.0a1 ...)
 	{DSA-1254-1}
-	- bind9 1:9.3.4-2
+	- bind9 1:9.3.4-2 (medium; bug #408432)
 	- bind <not-affected>
 CVE-2007-0493 (Use-after-free vulnerability in ISC BIND 9.3.0 up to 9.3.3, 9.4.0a1 up to ...)
-	- bind9 1:9.3.4-2
+	- bind9 1:9.3.4-2 (medium; bug #408432)
 	[sarge] - bind9 <not-affected> (Vulnerable code not present)
 	- bind <not-affected>
 CVE-2007-XXXX [gstreamer ffmpeg missing checks of packet sizes, chunk sizes, and fragment positions]
@@ -2254,7 +2254,8 @@
 CVE-2006-6509 (Cross-site scripting (XSS) vulnerability in the skinning feature in ...)
 	NOT-FOR-US: SiteKiosk
 CVE-2006-6508 (Cross-site request forgery (CSRF) vulnerability in phpBB 2.0.21 allows ...)
-	- phpbb2 <unfixed> (bug #402140; low)
+	NOTE: This is covered/duped by CVE-2006-6841
+	- phpbb2 2.0.21-6
 CVE-2006-6507 (Mozilla Firefox 2.0 before 2.0.0.1 allows remote attackers to bypass ...)
 	NOTE: MFSA-2006-76
 	- iceweasel 2.0.0.1+dfsg-1 (high)
@@ -2700,7 +2701,7 @@
 	- linux-2.6 <unfixed>
 	[etch] - linux-2.6 <not-affected> (Only affects 2.6.19, introduced after 2.6.18)
 CVE-2006-6332 (Stack-based buffer overflow in net80211/ieee80211_wireless.c in ...)
-	- madwifi 1:0.9.2+r1842.20061207-2 (high; bug #402836)
+	- madwifi 1:0.9.2+r1842.20061207-2 (high; bug #402836; bug #402111)
 	[etch] - madwifi <no-dsa> (Non-free not supported)
 CVE-2006-6331 (metaInfo.php in TorrentFlux 2.2, when $cfg[&quot;enable_file_priority&quot;] is ...)
 	- torrentflux 2.1-7 (bug #400582; medium)

Modified: data/DSA/list
===================================================================
--- data/DSA/list	2007-01-31 19:38:54 UTC (rev 5390)
+++ data/DSA/list	2007-01-31 22:11:14 UTC (rev 5391)
@@ -1,3 +1,9 @@
+[31 Jan 2007] DSA-1256-1 gtk+2.0
+	{CVE-2007-0010}
+	[sarge] - gtk+2.0 2.6.4-3.2
+[31 Jan 2007] DSA-1255-1 libgtop2
+	{CVE-2007-0235}
+	[sarge] - libgtop2 2.6.0-4sarge1
 [27 Jan 2007] DSA-1254-1 bind9
 	{CVE-2007-0494}
 	[sarge] - bind9 9.2.4-1sarge2




More information about the Secure-testing-commits mailing list