Author: stef-guest Date: 2006-11-05 17:33:22 +0100 (Sun, 05 Nov 2006) New Revision: 4921 Modified: data/CVE/list Log: - CVE-2006-5619: new linux issue fixed - CVE-2006-5174: fix for linux s390 issue reverted - CVE-2006-5466: rpm fixed Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-11-05 16:22:40 UTC (rev 4920) +++ data/CVE/list 2006-11-05 16:33:22 UTC (rev 4921) @@ -63,7 +63,7 @@ CVE-2006-5620 (PHP remote file inclusion vulnerability in include/menu_builder.php in ...) TODO: check CVE-2006-5619 (The seqfile handling (ip6fl_get_n function in ip6_flowlabel.c) in ...) - TODO: check + - linux-2.6 2.6.18-4 (low) CVE-2006-5618 (Directory traversal vulnerability in script/cat_for_aff.php in Netref ...) TODO: check CVE-2006-5617 (Directory traversal vulnerability in index.php in Thepeak File Upload ...) @@ -376,7 +376,7 @@ TODO: check CVE-2006-5466 [rpm heap overflow in changelog parsing] RESERVED - - rpm <unfixed> (low) + - rpm 4.4.1-11 (low) NOTE: This needs further investigation, most probably a non-issue, pinged maintainer NOTE: [sarge] - rpm <no-dsa> (You need to trust the RPMs you''re installing) CVE-2006-5465 [php htmlentities() and htmlspecialchars() buffer overflow] @@ -1000,8 +1000,8 @@ CVE-2006-5175 (Cross-site request forgery (CSRF) vulnerability in the administrative ...) NOT-FOR-US: TeraStation HD-HTGL CVE-2006-5174 (The copy_from_user function in the uaccess code in Linux kernel 2.6 ...) - - linux-2.6 2.6.18-3 - NOTE: s390 only + - linux-2.6 <unfixed> + NOTE: s390 only, fix in 2.6.18-3 was reverted in 2.6.18-4 CVE-2006-5173 (Linux kernel does not properly save or restore EFLAGS during a context ...) - linux-2.6 <unfixed> CVE-2006-5172
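Review bot: In the hunk at @@ -63,7 the CVE-2006-5619 entry goes from "TODO: check" straight to "- linux-2.6 2.6.18-4 (low)" with no NOTE saying where the fixed version comes from. A one-line NOTE pointing at the changelog entry or the upstream fix would let a later reader verify 2.6.18-4 without redoing the check.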
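Review bot: In the hunk at @@ -376,7 the rpm line for CVE-2006-5466 now reads "- rpm 4.4.1-11 (low)", but the NOTE directly below it still says "This needs further investigation, most probably a non-issue, pinged maintainer". With a fixed version recorded, that NOTE is stale and sits awkwardly next to the fix. Either update it to say what 4.4.1-11 changed or drop it.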
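Review bot: In the hunk at @@ -1000,8 the new "- linux-2.6 <unfixed>" line for CVE-2006-5174 carries no urgency, while the other two entries changed in this commit are marked (low). Since the NOTE limits the issue to s390, consider stating an urgency on the reopened entry. The NOTE "fix in 2.6.18-3 was reverted in 2.6.18-4" should also give the reason for the revert, or a pointer to it, so the reopened status can be followed up.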