Author: pedrib-guest Date: 2010-01-25 00:46:48 +0000 (Mon, 25 Jan 2010) New Revision: 13906 Modified: data/CVE/list Log: cleaned latent issues CVE-2006-0049, CVE-2006-0455 and CVE-2005-1849 Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-01-25 00:39:01 UTC (rev 13905) +++ data/CVE/list 2010-01-25 00:46:48 UTC (rev 13906) @@ -63107,9 +63107,7 @@ CVE-2006-0455 (gpgv in GnuPG before 1.4.2.1, when using unattended signature ...) {DSA-978-1} - gnupg 1.4.2.2-1 (bug #353017; bug #353019; bug #354620; medium) - [sarge] - gnupg2 <not-affected> (Vulnerable code not activated) - NOTE: http://lists.gnupg.org/pipermail/gnupg-announce/2006q1/000211.html indicates that - NOTE: *all* versions are affected because gpg --verify is also affected + - gnupg2 <not-affected> (Vulnerable code not activated) CVE-2006-0454 (Linux kernel before 2.6.15.3 down to 2.6.12, while constructing an ...) - linux-2.6 2.6.15-5 [sarge] - kernel-source-2.6.8 <not-affected> @@ -64271,7 +64269,7 @@ CVE-2006-0049 (gpg in GnuPG before 1.4.2.2 does not properly verify non-detached ...) {DSA-993-2} - gnupg 1.4.2.2-1 (bug #356125; medium) - [sarge] - gnupg2 <not-affected> (Vulnerable code not activated) + - gnupg2 <not-affected> (Vulnerable code not activated) CVE-2006-0048 (Francesco Stablum tcpick 0.2.1 allows remote attackers to cause a ...) - tcpick 0.2.1-3 (bug #360571; low) [sarge] - tcpick <no-dsa> (Minor issue) @@ -73573,6 +73571,7 @@ NOTE: This is only contrib code not built in the binary packages AFAIK - zlib 1:1.2.3-1 (low) - zsync 0.4.1-1 (low) + - sash 3.7-5sarge1 (low) NOTE: zsync 0.4.0-2 (mentioned in DSA-797-1) was never uploaded. CVE-2005-1848 (The dhcpcd DHCP client before 1.3.22 allows remote attackers to cause ...) {DSA-750-1}