Author: jmm-guest Date: 2006-12-25 23:19:54 +0100 (Mon, 25 Dec 2006) New Revision: 5177 Modified: data/CVE/list Log: netrik fixed two no-dsas Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-12-25 20:30:27 UTC (rev 5176) +++ data/CVE/list 2006-12-25 22:19:54 UTC (rev 5177) @@ -1,5 +1,6 @@ CVE-2006-XXXX [insecure rpath in libflash-mozplugin] - libflash 0.4.13-9 (low; bug #399508) + [etch] - libflash <no-dsa> (Not exploitable through directory writable by an unprivileged user) CVE-2006-6697 (CRLF injection vulnerability in webapp/jsp/calendar.jsp in Oracle ...) NOT-FOR-US: Oracle CVE-2006-6696 (Double-free vulnerability in Microsoft Windows 2000, XP, 2003, and ...) @@ -40,7 +41,7 @@ CVE-2006-6679 (Pedro Lineu Orso chetcpasswd before 2.4 relies on the X-Forwarded-For ...) - chetcpasswd <removed> (medium) CVE-2006-6678 (The edit_textarea function in form-file.c in Netrik 1.15.4 and earlier ...) - - netrik <unfixed> (medium; bug #404233) + - netrik 1.15.3-1.1 (medium; bug #404233) CVE-2006-6677 (ESET NOD32 Antivirus before 1.1743 allows remote attackers to cause a ...) NOT-FOR-US: ESET NOD32 Antivirus CVE-2006-6676 (Integer overflow in ESET NOD32 Antivirus before 1.1743 allows remote ...) @@ -200,6 +201,7 @@ NOT-FOR-US: Activity Games module for mxBB CVE-2006-6614 (The save_log_local function in Fully Automatic Installation (FAI) ...) - fai 3.1.3 (low; bug #402644) + [sarge] - fai <no-dsa> (Minor issue, only in rare configs and use cases) CVE-2006-6613 (Directory traversal vulnerability in language.php in phpAlbum 0.4.1 ...) NOT-FOR-US: phpAlbum CVE-2006-6612 (PHP remote file inclusion vulnerability in basic.inc.php in PhpMyCms ...)