[Secure-testing-commits] r13774 - data/CVE
Michael Gilbert
gilbert-guest at alioth.debian.org
Sat Jan 9 21:06:12 UTC 2010
Author: gilbert-guest
Date: 2010-01-09 21:06:12 +0000 (Sat, 09 Jan 2010)
New Revision: 13774
Modified:
data/CVE/list
Log:
remove manual uses of unknown since it is redundant/unnecessary
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-01-09 20:53:11 UTC (rev 13773)
+++ data/CVE/list 2010-01-09 21:06:12 UTC (rev 13774)
@@ -4351,16 +4351,16 @@
- jquery <not-affected> (fixed since initial inclusion)
- passenger <not-affected> (fixed since initial inclusion)
CVE-2008-7219 (Horde Kronolith H3 2.1 before 2.1.7 and 2.2 before 2.2-RC2; Nag H3 2.1 ...)
- - kronolith2 2.1.7-1 (unknown)
- - nag2 2.1.4-1 (unknown)
- - mnemo2 2.1.2-1 (unknown)
+ - kronolith2 2.1.7-1
+ - nag2 2.1.4-1
+ - mnemo2 2.1.2-1
CVE-2008-7218 (Unspecified vulnerability in the Horde API in Horde 3.1 before 3.1.6 ...)
{DSA-1897-1}
- - horde3 3.1.6-1 (unknown)
- - turba2 2.1.7-1 (unknown)
- - kronolith2 2.1.7-1 (unknown)
- - nag2 2.1.4-1 (unknown)
- - mnemo2 2.1.2-1 (unknown)
+ - horde3 3.1.6-1
+ - turba2 2.1.7-1
+ - kronolith2 2.1.7-1
+ - nag2 2.1.4-1
+ - mnemo2 2.1.2-1
CVE-2008-7217 (Microsoft Office 2008 for Mac, when running on Macintosh systems that ...)
NOT-FOR-US: Microsoft Office
CVE-2007-6732 (Multiple buffer overflows in the dtt_load function in ...)
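Review bot: The log message calls the tag redundant but does not say how an entry with no urgency is interpreted, and that is the assumption every hunk in this commit rests on. After this change the kronolith2, nag2 and mnemo2 lines under CVE-2008-7219 and CVE-2008-7218 look the same as entries that never had a rating recorded. If a missing urgency is read as unknown, say so in the log, or point to where that default is documented, so that a later reader of data/CVE/list does not take these lines for untriaged entries.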
@@ -6103,22 +6103,22 @@
CVE-2009-2725
RESERVED
CVE-2009-2724 (Race condition in the java.lang package in Sun Java SE 5.0 before ...)
- - sun-java5 1.5.0-20-1 (unknown)
+ - sun-java5 1.5.0-20-1
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 <no-dsa> (Non-free not supported)
NOTE: unknown impact and attack vectors
CVE-2009-2723 (Unspecified vulnerability in deserialization in the Provider class in ...)
- - sun-java5 1.5.0-20-1 (unknown)
+ - sun-java5 1.5.0-20-1
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 <no-dsa> (Non-free not supported)
NOTE: unknown impact and attack vectors
CVE-2009-2722 (Multiple unspecified vulnerabilities in the Provider class in Sun Java ...)
- - sun-java5 1.5.0-20-1 (unknown)
+ - sun-java5 1.5.0-20-1
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 <no-dsa> (Non-free not supported)
NOTE: unknown impact and attack vectors
CVE-2009-2721 (Multiple unspecified vulnerabilities in the Provider class in Sun Java ...)
- - sun-java5 1.5.0-20-1 (unknown)
+ - sun-java5 1.5.0-20-1
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 <no-dsa> (Non-free not supported)
NOTE: unknown impact and attack vectors
@@ -22969,7 +22969,7 @@
CVE-2008-2958 (Race condition in (1) checkinstall 1.6.1 and (2) installwatch allows ...)
- checkinstall 1.6.1-7 (low; bug #488140)
CVE-2008-XXXX [werkzeug hashes its secret instead of using hmac]
- - python-werkzeug 0.3.1-1 (unknown)
+ - python-werkzeug 0.3.1-1
NOTE: http://lucumr.pocoo.org/cogitations/2008/06/24/werkzeug-031-released/
CVE-2008-2841 (Argument injection vulnerability in XChat 2.8.7b and earlier on ...)
- xchat <not-affected> (Windows specific problem)
@@ -28151,7 +28151,7 @@
CVE-2008-0647 (Multiple stack-based buffer overflows in the ...)
NOT-FOR-US: Ourgame GLWorld
CVE-2008-0646 (The bdecode_recursive function in include/libtorrent/bencode.hpp in ...)
- - deluge-torrent 0.5.8.3-1 (unknown; bug #463357)
+ - deluge-torrent 0.5.8.3-1 (bug #463357)
CVE-2008-0645 (Multiple PHP remote file inclusion vulnerabilities in Portail Web Php ...)
NOT-FOR-US: Portail Web Php
CVE-2008-0644 (Adobe ColdFusion MX 7 and ColdFusion 8 allows remote attackers to ...)
@@ -38488,7 +38488,7 @@
- vlc 0.8.6.c.debian-1 (unimportant; bug #429726)
CVE-2007-3467 (Integer overflow in the __status_Update function in stats.c VideoLAN ...)
{DSA-1332-1}
- - vlc 0.8.6.c-1 (unknown; bug #429726)
+ - vlc 0.8.6.c-1 (bug #429726)
CVE-2007-3466
RESERVED
CVE-2007-3465 (Check Point SofaWare Safe at Office, with firmware before Embedded NGX ...)
@@ -59599,7 +59599,7 @@
- util-vserver 0.30.210-1 (bug #360438; unimportant)
CVE-2006-1655 (Multiple buffer overflows in mpg123 0.59r allow user-assisted ...)
{DSA-1074-1}
- - mpg123 0.59r-22 (bug #361863; unknown)
+ - mpg123 0.59r-22 (bug #361863)
CVE-2006-1654 (Directory traversal vulnerability in the HP Color LaserJet 2500 ...)
NOT-FOR-US: HP Colour LaserJet 2500 and 4600 Toolbox
CVE-2006-1653 (PHP remote file inclusion vulnerability in loadkernel.php in ...)
@@ -66334,7 +66334,7 @@
NOT-FOR-US: protection.php from several crappy web apps not in Debian
CVE-2005-3570 (Unspecified cross-site scripting (XSS) vulnerability in Horde before ...)
{DSA-914-1}
- - horde2 2.2.9-1 (bug #338983; unknown)
+ - horde2 2.2.9-1 (bug #338983)
CVE-2005-3569 (INSO service in IBM DB2 Content Manager before 8.2 Fix Pack 10 on AIX ...)
NOT-FOR-US: DB2
CVE-2005-3568 (db2fmp process in IBM DB2 Content Manager before 8.2 Fix Pack 10 ...)
@@ -66960,26 +66960,26 @@
NOT-FOR-US: Hyper Estraier
CVE-2005-3420 (usercp_register.php in phpBB 2.0.17 allows remote attackers to modify ...)
{DSA-925-1}
- - phpbb2 2.0.18-1 (bug #336582; bug #336587; unknown)
+ - phpbb2 2.0.18-1 (bug #336582; bug #336587)
NOTE: http://www.hardened-php.net/advisory_172005.75.html
NOTE: http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=336756
NOTE: Remote code execution may be possible, especially in conjunction
NOTE: with PHP bugs.
CVE-2005-3419 (SQL injection vulnerability in usercp_register.php in phpBB 2.0.17 ...)
{DSA-925-1}
- - phpbb2 2.0.18-1 (bug #336582; bug #336587; unknown)
+ - phpbb2 2.0.18-1 (bug #336582; bug #336587)
CVE-2005-3418 (Multiple cross-site scripting (XSS) vulnerabilities in phpBB 2.0.17 ...)
{DSA-925-1}
- - phpbb2 2.0.18-1 (bug #336582; bug #336587; unknown)
+ - phpbb2 2.0.18-1 (bug #336582; bug #336587)
CVE-2005-3417 (phpBB 2.0.17 and earlier, when the register_long_arrays directive is ...)
{DSA-925-1}
- - phpbb2 2.0.18-1 (bug #336582; bug #336587; unknown)
+ - phpbb2 2.0.18-1 (bug #336582; bug #336587)
CVE-2005-3416 (phpBB 2.0.17 and earlier, when register_globals is enabled and the ...)
{DSA-925-1}
- - phpbb2 2.0.18-1 (bug #336582; bug #336587; unknown)
+ - phpbb2 2.0.18-1 (bug #336582; bug #336587)
CVE-2005-3415 (phpBB 2.0.17 and earlier allows remote attackers to bypass protection ...)
{DSA-925-1}
- - phpbb2 2.0.18-1 (bug #336582; bug #336587; unknown)
+ - phpbb2 2.0.18-1 (bug #336582; bug #336587)
CVE-2005-3414 (eyeOS 0.8.4 stores usrinfo.xml under the web document root with ...)
NOT-FOR-US: eyeOS
CVE-2005-3413 (Cross-site scripting (XSS) vulnerability in desktop.php in eyeOS 0.8.4 ...)
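Review bot: CVE-2005-3420 is left without an urgency although its own NOTE lines say "Remote code execution may be possible, especially in conjunction with PHP bugs." That is enough information to rate the entry rather than leave it unset. Consider assigning an explicit urgency on the phpbb2 2.0.18-1 line for CVE-2005-3420 in the same commit. The other five phpBB entries share the package version, bugs #336582 and #336587 and DSA-925-1, so they could be reviewed in the same pass.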
@@ -67200,7 +67200,7 @@
- dhis-tools-dns 5.0-5
CVE-2005-3339 (Mantis before 0.19.3 caches the User ID longer than necessary, which ...)
{DSA-905-1}
- - mantis 0.19.3-0.1 (bug #330682; unknown)
+ - mantis 0.19.3-0.1 (bug #330682)
CVE-2005-3338 (Unspecified vulnerability in Mantis before 0.19.3, when using ...)
{DSA-905-1}
- mantis 0.19.3-0.1 (bug #330682; low)
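Review bot: CVE-2005-3339 ends up unrated while CVE-2005-3338 directly below it, with the same package version, bug #330682 and DSA-905-1, is rated low. Since this line is being edited anyway, check whether the same assessment applies and, if it does, record it as (bug #330682; low) instead of dropping the field.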
@@ -67808,7 +67808,7 @@
CVE-2005-3167 (Incomplete blacklist vulnerability in MediaWiki before 1.4.11 does not ...)
- mediawiki 1.4.11-1 (bug #332408; medium)
CVE-2005-3166 (Unspecified vulnerability in "edit submission handling" for MediaWiki ...)
- - mediawiki 1.4.11-1 (bug #332408; unknown)
+ - mediawiki 1.4.11-1 (bug #332408)
CVE-2005-3165 (Multiple cross-site scripting (XSS) vulnerabilities in MediaWiki ...)
- mediawiki 1.4.9
CVE-2005-3164 (The AJP connector in Apache Tomcat 4.0.1 through 4.0.6 and 4.1.0 ...)
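Review bot: The mediawiki 1.4.11-1 line for CVE-2005-3166 loses its tag while CVE-2005-3167 just above, fixed in the same upload under bug #332408, carries medium. The description is "Unspecified vulnerability", so leaving it unrated may be deliberate. If so, a NOTE line saying the impact is not known would keep that information visible, as the sun-java5 entries earlier in this diff already do with "NOTE: unknown impact and attack vectors".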
@@ -68095,7 +68095,7 @@
CVE-2005-3074 (SQL injection vulnerability in rsyslogd in RSyslog before 1.0.1 and ...)
NOT-FOR-US: RSyslog
CVE-2005-3073 (Unspecified vulnerability in Interchange 5.0.1 allows attackers 4.9.3, ...)
- - interchange 5.2.1-1 (bug #329705; unknown)
+ - interchange 5.2.1-1 (bug #329705)
CVE-2005-3072 (SQL injection vulnerability in pages/forum/submit.html in Interchange ...)
- interchange 5.2.1-1 (bug #329705; medium)
CVE-2005-3071 (Unspecified vulnerability in Unix File System (UFS) on Solaris 8 and ...)
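Review bot: On the interchange 5.2.1-1 line for CVE-2005-3073, removing the tag leaves no trace that the severity was looked at and could not be determined, whereas CVE-2005-3072 for the same version and bug #329705 is rated medium. Either rate CVE-2005-3073 or add a short NOTE explaining why no rating can be given.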
@@ -68559,7 +68559,7 @@
- arc 5.21m-1 (bug #329053; low)
CVE-2005-2917 (Squid 2.5.STABLE10 and earlier, while performing NTLM authentication, ...)
{DSA-828-1}
- - squid 2.5.10-7 (unknown)
+ - squid 2.5.10-7
NOTE: Patch was added to -6, but not listed in dpatch's list of patches
CVE-2005-XXXX [user password file created by gajim is world-redable]
- gajim 0.8.2-1 (bug #325080; low)
@@ -68593,8 +68593,8 @@
{DSA-856-1}
- py2play 0.1.8-1 (bug #326976; medium)
CVE-2005-2874 (The is_path_absolute function in scheduler/client.c for the daemon in ...)
- - cups 1.1.23-1 (unknown)
- - cupsys 1.1.23-1 (unknown)
+ - cups 1.1.23-1
+ - cupsys 1.1.23-1
CVE-2005-2871 (Buffer overflow in the International Domain Name (IDN) support in ...)
{DSA-868-1 DSA-866-1 DSA-837-1}
- mozilla-firefox 1.0.6-5 (bug #327452; bug #327802; bug #327366; medium)
@@ -69036,7 +69036,7 @@
- linux-2.6 2.6.12-1
CVE-2005-2761 (Cross-site scripting (XSS) vulnerability in phpGroupWare 0.9.16.000 ...)
{DSA-798-1}
- - phpgroupware 0.9.16.008-1 (unknown)
+ - phpgroupware 0.9.16.008-1
CVE-2005-2716 (The event_pin_code_request function in the btsrv daemon (btsrv.c) in ...)
{DSA-796-1}
- affix 2.1.2-3 (bug #325444; medium)
@@ -69119,7 +69119,7 @@
- up-imapproxy 1.2.4-2 (high)
CVE-2005-2660 (apachetop 0.12.5 and earlier, when running in debug mode, allows local ...)
{DSA-839-1}
- - apachetop 0.12.5-3 (unknown)
+ - apachetop 0.12.5-3
CVE-2005-2659 (Buffer overflow in the LZX decompression in CHM Lib (chmlib) 0.35, as ...)
{DSA-886-1}
- chmlib 0.37-2 (medium)
@@ -69175,7 +69175,7 @@
NOTE: this bug was closed as it was unreproducable in Debian
CVE-2005-2641 (Unknown vulnerability in pam_ldap before 180 does not properly handle ...)
{DSA-785-1}
- - libpam-ldap 178-1sarge1 (bug #324899; unknown)
+ - libpam-ldap 178-1sarge1 (bug #324899)
CVE-2004-2483 (Kerio WinRoute Firewall before 6.0.9 uses information from PTR queries ...)
NOT-FOR-US: Kerio WinRoute Firewall
CVE-2004-2482 (Microsoft Outlook 2000 and 2003, when configured to use Microsoft Word ...)
@@ -71699,7 +71699,7 @@
- texmacs 1:1.0.5-3 (bug #318100; medium)
[sarge] - texmacs <no-dsa> (Hardly exploitable)
- zlib 1:1.2.2-7 (bug #317133; medium)
- - pvpgn 1.7.8-2 (bug #332236; unknown)
+ - pvpgn 1.7.8-2 (bug #332236)
- mysql-dfsg-4.1 4.1.13-1 (bug #319858; unimportant)
- mrtg <not-affected> (Only used for internal compression, current versions link dynamically)
- rsync <not-affected> (Uses zlib 1.1, which is not affected)
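Review bot: The pvpgn 1.7.8-2 line becomes the only fixed entry in this block without an urgency, next to texmacs and zlib at medium and mysql-dfsg-4.1 at unimportant. The other packages here either have a rating or a reason in parentheses, so a reader cannot tell whether pvpgn was assessed. Consider giving it an explicit rating in line with the other entries under this CVE.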