Author: jmm-guest Date: 2006-12-24 14:10:20 +0100 (Sun, 24 Dec 2006) New Revision: 5165 Modified: data/CVE/list Log: libflash not in sarge chetcpasswd CVEfied libarchive hardly a security issue Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-12-23 13:21:35 UTC (rev 5164) +++ data/CVE/list 2006-12-24 13:10:20 UTC (rev 5165) @@ -1,6 +1,5 @@ CVE-2006-XXXX [insecure rpath in libflash-mozplugin] - libflash 0.4.13-9 (low; bug #399508) - [sarge] - libflash <no-dsa> (minor issue) CVE-2006-6697 (CRLF injection vulnerability in webapp/jsp/calendar.jsp in Oracle ...) NOT-FOR-US: Oracle CVE-2006-6696 (Double-free vulnerability in Microsoft Windows 2000, XP, 2003, and ...) @@ -1830,10 +1829,6 @@ NOT-FOR-US: NuStore CVE-2003-1308 (CRLF injection vulnerability in fvwm-menu-directory for fvwm 2.5.x ...) - fvwm 2.5.10-1 -CVE-2006-XXXX [chetcpasswd multiple vulnerabilities] - - chetcpasswd <unfixed> (bug #394454) - NOTE: I''ve filed a removal bug, this doesn''t have a security perspective - NOTE: It''s too buggy even for sid and was never part of stable or testing CVE-2006-5884 (Multiple unspecified vulnerabilities in DirectAnimation ActiveX ...) NOT-FOR-US: DirectAnimation ActiveX controls for Microsoft Internet Explorer CVE-2006-5883 (Multiple cross-site scripting (XSS) vulnerabilities in cPanel 10 allow ...) @@ -2281,7 +2276,7 @@ CVE-2006-5681 (QuickTime for Java on Mac OS X 10.4 through 10.4.8, when used with ...) TODO: check CVE-2006-5680 (The libarchive library in FreeBSD 6-STABLE after 2006-09-05 and before ...) - - libarchive 1.3.1-1 + - libarchive 1.3.1-1 (unimportant) CVE-2006-5679 (Integer overflow in the ffs_mountfs function in FreeBSD 6.1 allows ...) - kfreebsd-5 <unfixed> [etch] - kfreebsd-5 <no-dsa> (no security support for freebsd)