[Git][security-tracker-team/security-tracker][master] Review a small set of 2006 DSAs for correct suffix
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sun Aug 3 18:25:48 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
2b509f31 by Salvatore Bonaccorso at 2025-08-03T19:25:09+02:00
Review a small set of 2006 DSAs for correct suffix
Link: https://salsa.debian.org/security-tracker-team/security-tracker/-/merge_requests/224
- - - - -
2 changed files:
- data/CVE/list
- data/DSA/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -827974,7 +827974,7 @@ CVE-2006-5869 (pstotext before 1.9 allows user-assisted attackers to execute arb
{DSA-1220-1}
- pstotext 1.9-4 (bug #356988; medium)
CVE-2006-5868 (Multiple buffer overflows in Imagemagick 6.0 before 6.0.6.2, and 6.2 b ...)
- {DSA-1213}
+ {DSA-1213-1}
- imagemagick 7:6.2.4.5.dfsg1-0.11
CVE-2006-5867 (fetchmail before 6.3.6-rc4 does not properly enforce TLS and may trans ...)
{DSA-1259-1}
@@ -828904,7 +828904,7 @@ CVE-2006-5458 (PHP remote file inclusion vulnerability in common.php in Hinton D
CVE-2006-5457 (Multiple cross-site scripting (XSS) vulnerabilities in the registratio ...)
NOT-FOR-US: Casino Script (Masvet)
CVE-2006-5456 (Multiple buffer overflows in GraphicsMagick before 1.1.7 and ImageMagi ...)
- {DSA-1213}
+ {DSA-1213-1}
- graphicsmagick 1.1.7-9 (medium)
- imagemagick 7:6.2.4.5.dfsg1-0.11 (bug #393025)
CVE-2006-5455 (Cross-site request forgery (CSRF) vulnerability in editversions.cgi in ...)
@@ -829775,7 +829775,7 @@ CVE-2006-5052 (Unspecified vulnerability in portable OpenSSH before 4.4, when ru
[etch] - openssh <no-dsa> (Minor issue)
- openssh 1:4.6p1-1 (low)
CVE-2006-5051 (Signal handler race condition in OpenSSH before 4.4 allows remote atta ...)
- {DSA-1638-1 DSA-1212 DSA-1189-1}
+ {DSA-1638-1 DSA-1212-1 DSA-1189-1}
- openssh 1:4.6p1-1 (low)
- openssh-krb5 <removed> (high)
NOTE: From my analysis only openssh with Kerberos support should be vulnerable
@@ -830057,7 +830057,7 @@ CVE-2006-4925 (packet.c in ssh in OpenSSH allows remote attackers to cause a den
- openssh 1:5.1p1-5 (unimportant)
NOTE: That's a non-issue
CVE-2006-4924 (sshd in OpenSSH before 4.4, when using the version 1 SSH protocol, all ...)
- {DSA-1212 DSA-1189-1}
+ {DSA-1212-1 DSA-1189-1}
- openssh 1:4.3p2-4 (low; bug #389995)
- openssh-krb5 <unfixed> (low)
CVE-2006-4923 (Cross-site scripting (XSS) vulnerability in search.php in eSyndiCat Po ...)
@@ -830825,7 +830825,7 @@ CVE-2006-4573 (Multiple unspecified vulnerabilities in the "utf8 combining chara
CVE-2006-4572 (ip6_tables in netfilter in the Linux kernel before 2.6.16.31 allows re ...)
- linux-2.6 2.6.18.dfsg.1-9 (medium)
CVE-2006-4571 (Multiple unspecified vulnerabilities in Firefox before 1.5.0.7, Thunde ...)
- {DSA-1210 DSA-1192-1 DSA-1191-1}
+ {DSA-1210-1 DSA-1192-1 DSA-1191-1}
NOTE: MFSA-2006-64
- mozilla <removed> (high)
- firefox 1.5.dfsg+1.5.0.7-1 (high)
@@ -830843,7 +830843,7 @@ CVE-2006-4569 (The popup blocker in Mozilla Firefox before 1.5.0.7 opens the "bl
- thunderbird 1.5.0.7-1
[sarge] - mozilla-firefox <not-affected> (Regression only affecting 1.5)
CVE-2006-4568 (Mozilla Firefox before 1.5.0.7 and SeaMonkey before 1.0.5 allows remot ...)
- {DSA-1210 DSA-1192-1 DSA-1191-1}
+ {DSA-1210-1 DSA-1192-1 DSA-1191-1}
NOTE: MFSA-2006-61
- mozilla <removed> (low)
- firefox 1.5.dfsg+1.5.0.7-1 (low)
@@ -830857,14 +830857,14 @@ CVE-2006-4567 (Mozilla Firefox before 1.5.0.7 and Thunderbird before 1.5.0.7 mak
[sarge] - mozilla-thunderbird <unfixed> (unimportant)
NOTE: The internal update mechanism is disabled in Debian
CVE-2006-4566 (Mozilla Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaMon ...)
- {DSA-1210 DSA-1192-1 DSA-1191-1}
+ {DSA-1210-1 DSA-1192-1 DSA-1191-1}
NOTE: MFSA-2006-57
- mozilla <removed> (high)
- firefox 1.5.dfsg+1.5.0.7-1 (high)
- thunderbird 1.5.0.7-1 (low)
- xulrunner 1.8.0.7-1 (high)
CVE-2006-4565 (Heap-based buffer overflow in Mozilla Firefox before 1.5.0.7, Thunderb ...)
- {DSA-1210 DSA-1192-1 DSA-1191-1}
+ {DSA-1210-1 DSA-1192-1 DSA-1191-1}
NOTE: MFSA-2006-57
- mozilla <removed> (high)
- firefox 1.5.dfsg+1.5.0.7-1 (high)
@@ -831384,7 +831384,7 @@ CVE-2006-4342 (The kernel in Red Hat Enterprise Linux 3, when running on SMP sys
CVE-2006-4341
REJECTED
CVE-2006-4340 (Mozilla Network Security Service (NSS) library before 3.11.3, as used ...)
- {DSA-1210 DSA-1192-1 DSA-1191-1}
+ {DSA-1210-1 DSA-1192-1 DSA-1191-1}
NOTE: MFSA-2006-60, this is the similar to CVE-2006-4339
- mozilla <removed> (high)
- firefox 1.5.dfsg+1.5.0.7-1 (high)
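Review bot: The unchanged NOTE line directly under the renamed reference reads "this is the similar to CVE-2006-4339", which has a stray "the". Fix it to "this is similar to CVE-2006-4339" in a separate commit rather than here, so this commit stays a purely mechanical suffix change that is easy to audit.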
@@ -831609,7 +831609,7 @@ CVE-2006-4252 (PowerDNS Recursor 3.1.3 and earlier allows remote attackers to ca
- pdns-recursor 3.1.4-1 (bug #398559)
- pdns <not-affected> (Recursor module has been moved to pdns-recursor)
CVE-2006-4251 (Buffer overflow in PowerDNS Recursor 3.1.3 and earlier might allow rem ...)
- {DSA-1211}
+ {DSA-1211-1}
- pdns-recursor 3.1.4-1 (bug #398557; high)
- pdns 2.9.20-4
NOTE: Recursor module has been moved to pdns-recursor
@@ -832017,7 +832017,7 @@ CVE-2006-4073 (Multiple PHP remote file inclusion vulnerabilities in Fabian Hain
CVE-2006-4072 (Multiple SQL injection vulnerabilities in Club-Nuke [XP] 2.0 LCID 2048 ...)
NOT-FOR-US: Club-Nuke [XP]
CVE-2006-4144 (Integer overflow in the ReadSGIImage function in sgi.c in ImageMagick ...)
- {DSA-1213}
+ {DSA-1213-1}
- imagemagick 7:6.2.4.5.dfsg1-0.10 (medium; bug #383314)
- graphicsmagick 1.1.7-7 (medium; bug #383333)
CVE-2006-XXXX [crash in the certificate verification logic]
@@ -834963,7 +834963,7 @@ CVE-2006-2789 (Evolution 2.2.x and 2.3.x in GNOME 2.7 and 2.8, when "load images
NOTE: Verified that the patch has been applied in 2.4.0-1,
NOTE: may have been fixed earlier.
CVE-2006-2788 (Double free vulnerability in the getRawDER function for nsIX509Cert in ...)
- {DSA-1210 DSA-1192-1 DSA-1191-1}
+ {DSA-1210-1 DSA-1192-1 DSA-1191-1}
- mozilla <removed> (high)
- firefox 1.5.dfsg+1.5.0.4 (high)
- xulrunner 1.8.0.4-1 (high)
@@ -841755,7 +841755,7 @@ CVE-2006-0106 (gdi/driver.c and gdi/printdrv.c in Wine 20050930, and other versi
{CVE-2005-4560 DSA-954-1}
- wine 0.9.2-1 (bug #346197; medium)
CVE-2006-0082 (Format string vulnerability in the SetImageInfo function in image.c fo ...)
- {DSA-1213}
+ {DSA-1213-1}
- imagemagick 6:6.2.4.5-0.6 (bug #345876)
CVE-2005-XXXX [World-readable config file with sensitive data in b2evolution]
- b2evolution 0.9.1b-4 (bug #344000)
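Review bot: Nothing in the patch confirms that the `{DSA-1213}` line replaced in this hunk was the last bare reference left in data/CVE/list. The four DSA-1213 renames and six DSA-1210 renames in this file do match the CVE sets listed under those advisories in data/DSA/list, and the same holds for DSA-1211 and DSA-1212, but an entry outside these hunks that still carries an unsuffixed ID would not show up in the diff. Searching data/CVE/list for the four unsuffixed IDs before merging would close that gap.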
=====================================
data/DSA/list
=====================================
@@ -16199,16 +16199,16 @@
[20 Nov 2006] DSA-1214-1 gv
{CVE-2006-5864}
[sarge] - gv 1:3.6.1-10sarge1
-[19 Nov 2006] DSA-1213 imagemagick
+[19 Nov 2006] DSA-1213-1 imagemagick
{CVE-2006-0082 CVE-2006-4144 CVE-2006-5456 CVE-2006-5868}
[sarge] - imagemagick 6:6.0.6.2-2.8
-[15 Nov 2006] DSA-1212 openssh
+[15 Nov 2006] DSA-1212-1 openssh
{CVE-2006-4924 CVE-2006-5051}
[sarge] - openssh 1:3.8.1p1-8.sarge.6
-[14 Nov 2006] DSA-1211 pdns
+[14 Nov 2006] DSA-1211-1 pdns
{CVE-2006-4251}
[sarge] - pdns 2.9.17-13sarge3
-[14 Nov 2006] DSA-1210 mozilla-firefox
+[14 Nov 2006] DSA-1210-1 mozilla-firefox
{CVE-2006-2788 CVE-2006-4340 CVE-2006-4565 CVE-2006-4566 CVE-2006-4568 CVE-2006-4571}
[sarge] - mozilla-firefox 1.0.4-2sarge12
[12 Nov 2006] DSA-1209 trac
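Review bot: The last context line, `[12 Nov 2006] DSA-1209 trac`, still has no revision suffix, while DSA-1214-1 at the top of the hunk and the four renamed headers now have one. If DSA-1209 has not been reviewed yet, the commit message should name the advisories that were (DSA-1210 through DSA-1213) so the remaining unsuffixed entries are easy to find later; if it has been reviewed, its rename belongs in this change.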
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2b509f31b95e1f74f7e9287d30dd445bf4005365