Moritz Muehlenhoff
2007-Jan-30 02:11 UTC
[Secure-testing-commits] r5384 - in data: CVE DSA
Author: jmm-guest
Date: 2007-01-30 02:11:38 +0100 (Tue, 30 Jan 2007)
New Revision: 5384
Modified:
data/CVE/list
data/DSA/list
Log:
fix netrik DSA version
one firefox issue unfixed in sarge
one firefox issue unimportant
Modified: data/CVE/list
==================================================================---
data/CVE/list 2007-01-29 20:14:12 UTC (rev 5383)
+++ data/CVE/list 2007-01-30 01:11:38 UTC (rev 5384)
@@ -1084,7 +1084,7 @@
CVE-2006-6886 (phpwcms 1.2.5-DEV allows remote attackers to obtain sensitive
...)
NOT-FOR-US: phpwcms
CVE-2006-6885 (An ActiveX control in SwDir.dll in Macromedia Shockwave 10
allows ...)
- - flashplugin-nonfree <not-affected>
+ - flashplugin-nonfree <not-affected> (Windows-specific)
CVE-2006-6884 (Buffer overflow in the WZFILEVIEW.FileViewCtrl.61 ActiveX
control (aka ...)
NOT-FOR-US: Sky Software
CVE-2006-6883 (** DISPUTED ** ...)
@@ -1688,7 +1688,7 @@
CVE-2007-0010 [gtk error-handling-in-pixbuf-loaders]
RESERVED
- gtk+2.0 2.8.20-5
- TODO: check gtk 1 ...
+ TODO: check gdk-pixbuf
CVE-2007-0009
RESERVED
CVE-2007-0008
@@ -13044,10 +13044,9 @@
CVE-2006-1723 (Unspecified vulnerability in Firefox and Thunderbird before
1.5.0.2, ...)
{DSA-1051-1 DSA-1046-1}
- firefox 1.5.dfsg+1.5.0.2 (medium)
- - mozilla-firefox 1.5.dfsg+1.5.0.2 (medium)
+ - mozilla-firefox <unfixed> (medium)
- mozilla <unfixed> (medium)
- thunderbird 1.5.0.2-1 (low)
- [sarge] - mozilla-thunderbird 1.0.2-2.sarge1.0.8 (low)
- xulrunner 1.8.0.1-9
NOTE: This is probably: https://bugzilla.mozilla.org/show_bug.cgi?id=320459
CVE-2006-1722 (Cross-site scripting (XSS) vulnerability in suche.htm in ShopXS
4.0 ...)
@@ -21665,7 +21664,8 @@
CVE-2005-3090 (Cross-site scripting (XSS) vulnerability in
bug_actiongroup_page.php ...)
- mantis 0.19.2-4 (bug #330682; medium)
CVE-2005-3089 (Firefox 1.0.6 allows attackers to cause a denial of service
(crash) ...)
- - mozilla-firefox 1.0.7-1
+ - mozilla-firefox 1.0.7-1 (unimportant)
+ NOTE: Browser crashes not treated as security problems
CVE-2005-3088 (fetchmailconf before 1.49 in fetchmail 6.2.0, 6.2.5 and 6.2.5.2
...)
{DSA-900-3}
- fetchmail 6.2.5.4-1 (bug #336096; low)
Modified: data/DSA/list
==================================================================---
data/DSA/list 2007-01-29 20:14:12 UTC (rev 5383)
+++ data/DSA/list 2007-01-30 01:11:38 UTC (rev 5384)
@@ -10,7 +10,7 @@
[etch] - vlc 0.8.6-svn20061012.debian-3
[21 Jan 2007] DSA-1251-1 netrik
{CVE-2006-6678}
- [sarge] - netrik 1.15.4-1sarge1
+ [sarge] - netrik 1.15.3-1sarge1
[17 Jan 2007] DSA-1250-1 cacti
{CVE-2006-6799}
[sarge] - cacti 0.8.6c-7sarge4