[Secure-testing-commits] r6075 - bin data/CVE website

stef-guest at alioth.debian.org stef-guest at alioth.debian.org
Fri Jun 29 16:34:07 UTC 2007 

Author: stef-guest
Date: 2007-06-29 16:34:06 +0000 (Fri, 29 Jun 2007)
New Revision: 6075

Modified:
   bin/updatehtmllist
   data/CVE/list
   website/list.html
   website/style.css
Log:
krb5 fixed

Modified: bin/updatehtmllist
===================================================================
--- bin/updatehtmllist	2007-06-28 23:18:08 UTC (rev 6074)
+++ bin/updatehtmllist	2007-06-29 16:34:06 UTC (rev 6075)
@@ -23,7 +23,7 @@
 }
 close HEAD;	
 
-print OUT "<dl>\n";
+print OUT "<table class='.list'>\n";
 
 my $pack = 0;
 my $date = "";
@@ -31,31 +31,26 @@
 my $package = "";
 my $desc = "";
 open (LIST, at ARGV[0]) || die("Could not open list ". at ARGV[0].": $!");
-while(<LIST>) {
-	$line = $_ ;
-	if ($line=~/^(\[.+\]) (DTSA-[0-9]+-[0-9]+) ([^ ].+) - (.+)$/) {
-		if ($pack == 1) {
-			# print the previous acvisory, as it wasn't unreleased
-			print OUT "<dt>$date <a href='DTSA/$dtsa.html'>$dtsa $package</a></dt>\n";
-			print OUT "<dd>$desc</dd>\n";
-		}
-		$date = $1;
-		$dtsa = $2;
-		$package = $3;
-		$desc = $4;
-		$pack = 1;
+my @list;
+{
+	local $/="\n\[";
+	@list = reverse <LIST>;
+}
+close LIST;
+
+foreach my $entry (@list) {
+	next if $entry =~ /TODO: unreleased/;
+	if ($entry=~/^\[?(.+)\] (DTSA-[0-9]+-[0-9]+) ([^ ].+) - (.+)$/m) {
+		print OUT htmlentry($1, $2, $3, $4);
 	}
-	if ($line=~/TODO: unreleased$/) {
-		$pack = 0;
+	else {
+		print STDERR "invalid entry:\n$entry";
 	}
 }
-if ($pack == 1) {
-	# print the previous acvisory, as it wasn't unreleased
-	print OUT "<dt>$date <a href='DTSA/$dtsa.html'>$dtsa $package</a></dt>\n";
-	print OUT "<dd>$desc</dd>\n";
-}
-print OUT "</dl>\n";
 
+print OUT "</table>\n";
+
+
 open (FOOT,"footer.html") || die("Could not open footer.html: $!"); ;
 while(<FOOT>) {
 	$line = $_ ;
@@ -68,3 +63,14 @@
 	rename("$output.tmp.$$", $output) || die "rename: $!";
 }
 
+
+
+sub htmlentry {
+	my ($date, $dtsa, $package, $desc) = @_;
+	return << "EOF";
+<tr><td>$date</td><td> <a href='DTSA/$dtsa.html'>$dtsa $package</a></td>\n
+<td>$desc</td></tr>
+EOF
+}
+
+

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-06-28 23:18:08 UTC (rev 6074)
+++ data/CVE/list	2007-06-29 16:34:06 UTC (rev 6075)
@@ -1490,7 +1490,7 @@
 CVE-2007-2799 (Integer overflow in the &quot;file&quot; program 4.20, when running on 32-bit ...)
 	- file 4.21-1 (medium)	
 CVE-2007-2798 (Stack-based buffer overflow in the rename_principal_2_svc function in ...)
-	- krb5 <unfixed> (high; bug #430785)
+	- krb5 1.6.dfsg.1-5 (high; bug #430785)
 CVE-2006-7205 (The array_fill function in ext/standard/array.c in PHP 4.4.2 and 5.1.2 ...)
 	- php4 <unfixed> (unimportant)
 	- php5 <unfixed> (unimportant)
@@ -2283,9 +2283,9 @@
 	{DSA-1291-2 DTSA-41-1}
 	- samba 3.0.25-1
 CVE-2007-2443 (Integer signedness error in the gssrpc__svcauth_unix function in ...)
-	- krb5 <unfixed> (bug #430787; medium)
+	- krb5 1.6.dfsg.1-5 (bug #430787; medium)
 CVE-2007-2442 (The gssrpc__svcauth_gssapi function in the RPC library in MIT Kerberos ...)
-	- krb5 <unfixed> (bug #430787; high)
+	- krb5 1.6.dfsg.1-5 (bug #430787; high)
 CVE-2007-2441 (Caucho Resin Professional 3.1.0 and Caucho Resin 3.1.0 and earlier for ...)
 	NOT-FOR-US: Caucho Resin Professional
 CVE-2007-2440 (Directory traversal vulnerability in Caucho Resin Professional 3.1.0 ...)

Modified: website/list.html
===================================================================
--- website/list.html	2007-06-28 23:18:08 UTC (rev 6074)
+++ website/list.html	2007-06-29 16:34:06 UTC (rev 6075)
@@ -36,84 +36,125 @@
     </table>
 
 <!-- header -->
-<dl>
-<dt>[August 26th, 2005] <a href='DTSA/DTSA-1-1.html'>DTSA-1-1 kismet</a></dt>
-<dd>various</dd>
-<dt>[August 28th, 2005] <a href='DTSA/DTSA-2-1.html'>DTSA-2-1 centericq</a></dt>
-<dd>multiple vulnerabilities</dd>
-<dt>[August 28th, 2005] <a href='DTSA/DTSA-3-1.html'>DTSA-3-1 clamav</a></dt>
-<dd>denial of service and privilege escalation</dd>
-<dt>[August 28th, 2005] <a href='DTSA/DTSA-4-1.html'>DTSA-4-1 ekg</a></dt>
-<dd>multiple vulnerabilities</dd>
-<dt>[August 28th, 2005] <a href='DTSA/DTSA-5-1.html'>DTSA-5-1 gaim</a></dt>
-<dd>multiple remote vulnerabilities</dd>
-<dt>[August 28th, 2005] <a href='DTSA/DTSA-6-1.html'>DTSA-6-1 cgiwrap</a></dt>
-<dd>multiple vulnerabilities</dd>
-<dt>[August 28th, 2005] <a href='DTSA/DTSA-7-1.html'>DTSA-7-1 mozilla</a></dt>
-<dd>frame injection spoofing</dd>
-<dt>[September 1st, 2005] <a href='DTSA/DTSA-8-2.html'>DTSA-8-2 mozilla-firefox</a></dt>
-<dd>several vulnerabilities (update)</dd>
-<dt>[August 31st, 2005] <a href='DTSA/DTSA-9-1.html'>DTSA-9-1 bluez-utils</a></dt>
-<dd>bad device name escaping</dd>
-<dt>[August 29th, 2005] <a href='DTSA/DTSA-10-1.html'>DTSA-10-1 pcre3</a></dt>
-<dd>buffer overflow</dd>
-<dt>[August 29th, 2005] <a href='DTSA/DTSA-11-1.html'>DTSA-11-1 maildrop</a></dt>
-<dd>local privilege escalation</dd>
-<dt>[September 8th, 2005] <a href='DTSA/DTSA-12-1.html'>DTSA-12-1 vim</a></dt>
-<dd>modeline exploits</dd>
-<dt>[September 8th, 2005] <a href='DTSA/DTSA-13-1.html'>DTSA-13-1 evolution</a></dt>
-<dd>format string vulnerabilities</dd>
-<dt>[September 13th, 2005] <a href='DTSA/DTSA-14-1.html'>DTSA-14-1 mozilla</a></dt>
-<dd>several</dd>
-<dt>[September 13th, 2005] <a href='DTSA/DTSA-15-1.html'>DTSA-15-1 php4</a></dt>
-<dd>several vulnerabilities</dd>
-<dt>[September 15th, 2005] <a href='DTSA/DTSA-16-1.html'>DTSA-16-1 linux-2.6</a></dt>
-<dd>various</dd>
-<dt>[September 15th, 2005] <a href='DTSA/DTSA-17-1.html'>DTSA-17-1 lm-sensors</a></dt>
-<dd>insecure temporary file</dd>
-<dt>[September 22nd, 2005] <a href='DTSA/DTSA-19-1.html'>DTSA-19-1 clamav</a></dt>
-<dd>buffer overflow and infinate loop problems</dd>
-<dt>[October 13th, 2005] <a href='DTSA/DTSA-20-1.html'>DTSA-20-1 mailutils</a></dt>
-<dd>Format string vulnerability</dd>
-<dt>[November 3rd, 2005] <a href='DTSA/DTSA-21-1.html'>DTSA-21-1 clamav</a></dt>
-<dd>Denial of service vulnerabilities and buffer overflow</dd>
-<dt>[December 5th, 2005] <a href='DTSA/DTSA-22-1.html'>DTSA-22-1 uim</a></dt>
-<dd>local privilege escalation</dd>
-<dt>[December 5th, 2005] <a href='DTSA/DTSA-23-1.html'>DTSA-23-1 centericq</a></dt>
-<dd>buffer overflow</dd>
-<dt>[December 5th, 2005] <a href='DTSA/DTSA-24-1.html'>DTSA-24-1 inkscape</a></dt>
-<dd>buffer overflow</dd>
-<dt>[December 5th, 2005] <a href='DTSA/DTSA-25-1.html'>DTSA-25-1 smb4k</a></dt>
-<dd>access validation error</dd>
-<dt>[December 5th, 2005] <a href='DTSA/DTSA-26-1.html'>DTSA-26-1 trackballs</a></dt>
-<dd>symlink attack</dd>
-<dt>[January 20th, 2006] <a href='DTSA/DTSA-27-1.html'>DTSA-27-1 fuse</a></dt>
-<dd>potential data corruption when installed seduid root</dd>
-<dt>[January 25th, 2005] <a href='DTSA/DTSA-28-1.html'>DTSA-28-1 gpdf</a></dt>
-<dd>multiple vulnerabilities</dd>
-<dt>[June 15th, 2006] <a href='DTSA/DTSA-29-1.html'>DTSA-29-1 blender</a></dt>
-<dd>heap-based buffer overflow</dd>
-<dt>[September 27th, 2006] <a href='DTSA/DTSA-31-1.html'>DTSA-31-1 hyperestraier</a></dt>
-<dd>cross-site request forgery (CSRF) vulnerability</dd>
-<dt>[February 1st, 2007] <a href='DTSA/DTSA-32-1.html'>DTSA-32-1 bcfg2</a></dt>
-<dd>programming error</dd>
-<dt>[February 12th, 2007] <a href='DTSA/DTSA-33-1.html'>DTSA-33-1 wordpress</a></dt>
-<dd>multiple vulnerabilities</dd>
-<dt>[March 3rd, 2007] <a href='DTSA/DTSA-34-1.html'>DTSA-34-1 wordpress</a></dt>
-<dd>cross-site scripting</dd>
-<dt>[May 22th, 2007] <a href='DTSA/DTSA-35-1.html'>DTSA-35-1 aircrack-ng</a></dt>
-<dd>programming error</dd>
-<dt>[May 22th, 2007] <a href='DTSA/DTSA-36-1.html'>DTSA-36-1 mydns</a></dt>
-<dd>multiple buffer overflows</dd>
-<dt>[May 22th, 2007] <a href='DTSA/DTSA-37-1.html'>DTSA-37-1 clamav</a></dt>
-<dd>several vulnerabilities</dd>
-<dt>[May 26th, 2007] <a href='DTSA/DTSA-38-1.html'>DTSA-38-1 qemu</a></dt>
-<dd>several vulnerabilities</dd>
-<dt>[May 28th, 2007] <a href='DTSA/DTSA-39-1.html'>DTSA-39-1 php5</a></dt>
-<dd>several vulnerabilities</dd>
-<dt>[May 28th, 2007] <a href='DTSA/DTSA-40-1.html'>DTSA-40-1 php4</a></dt>
-<dd>several vulnerabilities</dd>
-</dl>
+<table class='.list'>
+<tr><td>May 31th, 2007</td><td> <a href='DTSA/DTSA-41-1.html'>DTSA-41-1 samba</a></td>
+
+<td>several vulnerabilities</td></tr>
+<tr><td>May 28th, 2007</td><td> <a href='DTSA/DTSA-40-1.html'>DTSA-40-1 php4</a></td>
+
+<td>several vulnerabilities</td></tr>
+<tr><td>May 28th, 2007</td><td> <a href='DTSA/DTSA-39-1.html'>DTSA-39-1 php5</a></td>
+
+<td>several vulnerabilities</td></tr>
+<tr><td>May 26th, 2007</td><td> <a href='DTSA/DTSA-38-1.html'>DTSA-38-1 qemu</a></td>
+
+<td>several vulnerabilities</td></tr>
+<tr><td>May 22th, 2007</td><td> <a href='DTSA/DTSA-37-1.html'>DTSA-37-1 clamav</a></td>
+
+<td>several vulnerabilities</td></tr>
+<tr><td>May 22th, 2007</td><td> <a href='DTSA/DTSA-36-1.html'>DTSA-36-1 mydns</a></td>
+
+<td>multiple buffer overflows</td></tr>
+<tr><td>May 22th, 2007</td><td> <a href='DTSA/DTSA-35-1.html'>DTSA-35-1 aircrack-ng</a></td>
+
+<td>programming error</td></tr>
+<tr><td>March 3rd, 2007</td><td> <a href='DTSA/DTSA-34-1.html'>DTSA-34-1 wordpress</a></td>
+
+<td>cross-site scripting</td></tr>
+<tr><td>February 12th, 2007</td><td> <a href='DTSA/DTSA-33-1.html'>DTSA-33-1 wordpress</a></td>
+
+<td>multiple vulnerabilities</td></tr>
+<tr><td>February 1st, 2007</td><td> <a href='DTSA/DTSA-32-1.html'>DTSA-32-1 bcfg2</a></td>
+
+<td>programming error</td></tr>
+<tr><td>September 27th, 2006</td><td> <a href='DTSA/DTSA-31-1.html'>DTSA-31-1 hyperestraier</a></td>
+
+<td>cross-site request forgery (CSRF) vulnerability</td></tr>
+<tr><td>June 15th, 2006</td><td> <a href='DTSA/DTSA-29-1.html'>DTSA-29-1 blender</a></td>
+
+<td>heap-based buffer overflow</td></tr>
+<tr><td>January 25th, 2005</td><td> <a href='DTSA/DTSA-28-1.html'>DTSA-28-1 gpdf</a></td>
+
+<td>multiple vulnerabilities</td></tr>
+<tr><td>January 20th, 2006</td><td> <a href='DTSA/DTSA-27-1.html'>DTSA-27-1 fuse</a></td>
+
+<td>potential data corruption when installed seduid root</td></tr>
+<tr><td>December 5th, 2005</td><td> <a href='DTSA/DTSA-26-1.html'>DTSA-26-1 trackballs</a></td>
+
+<td>symlink attack</td></tr>
+<tr><td>December 5th, 2005</td><td> <a href='DTSA/DTSA-25-1.html'>DTSA-25-1 smb4k</a></td>
+
+<td>access validation error</td></tr>
+<tr><td>December 5th, 2005</td><td> <a href='DTSA/DTSA-24-1.html'>DTSA-24-1 inkscape</a></td>
+
+<td>buffer overflow</td></tr>
+<tr><td>December 5th, 2005</td><td> <a href='DTSA/DTSA-23-1.html'>DTSA-23-1 centericq</a></td>
+
+<td>buffer overflow</td></tr>
+<tr><td>December 5th, 2005</td><td> <a href='DTSA/DTSA-22-1.html'>DTSA-22-1 uim</a></td>
+
+<td>local privilege escalation</td></tr>
+<tr><td>November 3rd, 2005</td><td> <a href='DTSA/DTSA-21-1.html'>DTSA-21-1 clamav</a></td>
+
+<td>Denial of service vulnerabilities and buffer overflow</td></tr>
+<tr><td>October 13th, 2005</td><td> <a href='DTSA/DTSA-20-1.html'>DTSA-20-1 mailutils</a></td>
+
+<td>Format string vulnerability</td></tr>
+<tr><td>September 22nd, 2005</td><td> <a href='DTSA/DTSA-19-1.html'>DTSA-19-1 clamav</a></td>
+
+<td>buffer overflow and infinate loop problems</td></tr>
+<tr><td>September 15th, 2005</td><td> <a href='DTSA/DTSA-17-1.html'>DTSA-17-1 lm-sensors</a></td>
+
+<td>insecure temporary file</td></tr>
+<tr><td>September 15th, 2005</td><td> <a href='DTSA/DTSA-16-1.html'>DTSA-16-1 linux-2.6</a></td>
+
+<td>various</td></tr>
+<tr><td>September 13th, 2005</td><td> <a href='DTSA/DTSA-15-1.html'>DTSA-15-1 php4</a></td>
+
+<td>several vulnerabilities</td></tr>
+<tr><td>September 13th, 2005</td><td> <a href='DTSA/DTSA-14-1.html'>DTSA-14-1 mozilla</a></td>
+
+<td>several</td></tr>
+<tr><td>September 8th, 2005</td><td> <a href='DTSA/DTSA-13-1.html'>DTSA-13-1 evolution</a></td>
+
+<td>format string vulnerabilities</td></tr>
+<tr><td>September 8th, 2005</td><td> <a href='DTSA/DTSA-12-1.html'>DTSA-12-1 vim</a></td>
+
+<td>modeline exploits</td></tr>
+<tr><td>August 29th, 2005</td><td> <a href='DTSA/DTSA-11-1.html'>DTSA-11-1 maildrop</a></td>
+
+<td>local privilege escalation</td></tr>
+<tr><td>August 29th, 2005</td><td> <a href='DTSA/DTSA-10-1.html'>DTSA-10-1 pcre3</a></td>
+
+<td>buffer overflow</td></tr>
+<tr><td>August 31st, 2005</td><td> <a href='DTSA/DTSA-9-1.html'>DTSA-9-1 bluez-utils</a></td>
+
+<td>bad device name escaping</td></tr>
+<tr><td>September 1st, 2005</td><td> <a href='DTSA/DTSA-8-2.html'>DTSA-8-2 mozilla-firefox</a></td>
+
+<td>several vulnerabilities (update)</td></tr>
+<tr><td>August 28th, 2005</td><td> <a href='DTSA/DTSA-7-1.html'>DTSA-7-1 mozilla</a></td>
+
+<td>frame injection spoofing</td></tr>
+<tr><td>August 28th, 2005</td><td> <a href='DTSA/DTSA-6-1.html'>DTSA-6-1 cgiwrap</a></td>
+
+<td>multiple vulnerabilities</td></tr>
+<tr><td>August 28th, 2005</td><td> <a href='DTSA/DTSA-5-1.html'>DTSA-5-1 gaim</a></td>
+
+<td>multiple remote vulnerabilities</td></tr>
+<tr><td>August 28th, 2005</td><td> <a href='DTSA/DTSA-4-1.html'>DTSA-4-1 ekg</a></td>
+
+<td>multiple vulnerabilities</td></tr>
+<tr><td>August 28th, 2005</td><td> <a href='DTSA/DTSA-3-1.html'>DTSA-3-1 clamav</a></td>
+
+<td>denial of service and privilege escalation</td></tr>
+<tr><td>August 28th, 2005</td><td> <a href='DTSA/DTSA-2-1.html'>DTSA-2-1 centericq</a></td>
+
+<td>multiple vulnerabilities</td></tr>
+<tr><td>August 26th, 2005</td><td> <a href='DTSA/DTSA-1-1.html'>DTSA-1-1 kismet</a></td>
+
+<td>various</td></tr>
+</table>
 <!-- footer -->
 <hr>
 <a href="http://validator.w3.org/check?uri=referer">

Modified: website/style.css
===================================================================
--- website/style.css	2007-06-28 23:18:08 UTC (rev 6074)
+++ website/style.css	2007-06-29 16:34:06 UTC (rev 6075)
@@ -104,6 +104,10 @@
  padding-right: 6px;
 }
 
+td.list {
+ border 0px;
+}
+
 td {
  font-size: 11px;
  border: 0px solid #000;

More information about the Secure-testing-commits mailing list