Author: stef-guest
Date: 2006-11-04 10:28:52 +0100 (Sat, 04 Nov 2006)
New Revision: 4919
Modified:
data/CVE/list
Log:
- CVE-2006-3600 libtunepimp fixed (previous fix was incomplete)
- bugzilla fixed
Modified: data/CVE/list
==================================================================---
data/CVE/list 2006-11-03 20:14:20 UTC (rev 4918)
+++ data/CVE/list 2006-11-04 09:28:52 UTC (rev 4919)
@@ -411,11 +411,11 @@
- graphicsmagick 1.1.7-9 (medium)
- imagemagick 7:6.2.4.5.dfsg1-0.11 (bug #393025)
CVE-2006-5455 (Cross-site request forgery (CSRF) vulnerability in
editversions.cgi in ...)
- - bugzilla <unfixed> (bug #395094; low)
+ - bugzilla 2.22.1-1 (bug #395094; low)
CVE-2006-5454 (Bugzilla 2.18.x before 2.18.6, 2.20.x before 2.20.3, 2.22.x
before ...)
- - bugzilla <unfixed> (bug #395094; low)
+ - bugzilla 2.22.1-1 (bug #395094; low)
CVE-2006-5453 (Multiple cross-site scripting (XSS) vulnerabilities in Bugzilla
2.18.x ...)
- - bugzilla <unfixed> (bug #395094; low)
+ - bugzilla 2.22.1-1 (bug #395094; low)
CVE-2006-5452 (Buffer overflow in dtmail on HP Tru64 UNIX 4.0F through 5.1B and
HP-UX ...)
NOT-FOR-US: HP Tru64
CVE-2006-5451 (Multiple cross-site scripting (XSS) vulnerabilities in
TorrentFlux 2.1 ...)
@@ -4591,7 +4591,7 @@
NOT-FOR-US: DotNetNuke
CVE-2006-3600 (Multiple stack-based buffer overflows in the LookupTRM::lookup
...)
{DSA-1135-1}
- - libtunepimp 0.4.2-3.0etch1 (bug #378091; medium)
+ - libtunepimp 0.4.2-4 (bug #378091; medium)
CVE-2006-3599 (SQL injection vulnerability in the Nuke Advanced Classifieds
module ...)
NOT-FOR-US: Nuke Advanced Classifieds module for PHP-Nuke
CVE-2006-3598 (SQL injection vulnerability in the Sections module for PHP-Nuke
allows ...)