Author: joeyh Date: 2006-11-08 21:14:45 +0100 (Wed, 08 Nov 2006) New Revision: 4937 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-11-08 19:46:48 UTC (rev 4936) +++ data/CVE/list 2006-11-08 20:14:45 UTC (rev 4937) @@ -666,6 +666,7 @@ [sarge] - rpm <no-dsa> (You need to trust the RPMs you''re installing) NOTE: Only hypothetical, far-fetched attacks feasible CVE-2006-5465 (Buffer overflow in PHP before 5.2.0 allows remote attackers to execute ...) + {DSA-1206-1} - php4 4:4.4.4-4 (high; bug #396764) - php5 5.1.6-6 (high; bug #396766) CVE-2006-5464 @@ -2816,6 +2817,7 @@ - php4 4:4.4.4-1 (unimportant) NOTE: Safe mode violations not supported, insufficient measure CVE-2006-4482 (Multiple heap-based buffer overflows in the (1) str_repeat and (2) ...) + {DSA-1206-1} - php5 5.1.6-1 (medium) - php4 4:4.4.4-1 (medium) CVE-2006-4481 (The (1) file_exists and (2) imap_reopen functions in PHP before 5.1.5 ...) @@ -6123,6 +6125,7 @@ - php4 <unfixed> (unimportant) NOTE: Sanitising is the application''s responsibilitys CVE-2006-3017 (zend_hash_del_key_or_index in zend_hash.c in PHP before 4.4.3 and 5.x ...) + {DSA-1206-1} - php5 5.1.4-0.1 (medium) - php4 4:4.4.4-1 (medium; bug #381998) CVE-2006-3016 (Unspecified vulnerability in session.c in PHP before 5.1.3 has unknown ...) @@ -16935,6 +16938,7 @@ - sylpheed-claws 1.0.5-2 (bug #338436; medium) - sylpheed-claws-gtk2 1.9.100-1 (bug #339529; medium) CVE-2005-3353 (The exif_read_data function in the Exif module in PHP before 4.4.1 ...) + {DSA-1206-1} - php4 4:4.4.2-1 (bug #339577; medium) - php5 5.1.1-1 (bug #336654; medium) CVE-2005-3352 (Cross-site scripting (XSS) vulnerability in the mod_imap module of ...) 
@@ -17778,8 +17782,8 @@ CVE-2004-XXXX [Barrendero spool world-readable] - barrendero 1.1-1 (bug #279163) CVE-2005-XXXX [hdup inproperly preserves permissions on directories] - - hdup 2.0.14-2 (bug #302790; low) - NOTE: Minor issue, workaround and patch documented since version above + - hdup 2.0.14-2 (bug #302790; low) + NOTE: Minor issue, workaround and patch documented since version above [sarge] - hdup <no-dsa> (Mostly a design limitation, very limited security implications) CVE-2001-XXXX [crypt++ passes passwords through the command line] - crypt++el 2.91-2.1 (bug #105562; low)
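Review bot: In the four hunks at @@ -666, @@ -2816, @@ -6123 and @@ -16935, the added {DSA-1206-1} tag lands on entries (CVE-2006-5465, CVE-2006-4482, CVE-2006-3017, CVE-2005-3353) that each list both a php4 and a php5 fixed version but carry no [sarge] line, so the entry by itself does not say which source package or stable version the advisory covers. If the tracker resolves that from the DSA list, that is fine. Otherwise a release-specific line per entry would make the cross-reference self-explanatory. The log message "automatic update" also does not name the advisory. Mentioning DSA-1206-1 there would make this revision easier to find later.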
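Review bot: In the hunk at @@ -17778, the two removed and two re-added lines for hdup 2.0.14-2 read identically as shown, so this looks like a whitespace-only change bundled into a commit that otherwise only adds DSA cross-references. Consider committing indentation normalisation separately, or stating it in the log, so that history for the CVE-2005-XXXX hdup entry stays readable. While this entry is being touched, "inproperly" in its description line could be corrected to "improperly".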