Author: jmm-guest
Date: 2006-11-28 21:36:23 +0100 (Tue, 28 Nov 2006)
New Revision: 5019
Modified:
data/CVE/list
Log:
pstotext CVEfied
Modified: data/CVE/list
==================================================================---
data/CVE/list 2006-11-28 17:22:00 UTC (rev 5018)
+++ data/CVE/list 2006-11-28 20:36:23 UTC (rev 5019)
@@ -349,6 +349,7 @@
NOT-FOR-US: Verity Ultraseek
CVE-2006-5969 (CRLF injection vulnerability in the evalFolderLine function in
fvwm ...)
- fvwm 1:2.5.18-2 (low)
+ [sarge] - fvwm <no-dsa> (Minor issue)
CVE-2006-5968 (MDaemon 9.0.5, 9.0.6, 9.51, and 9.53, and possibly other
versions, ...)
NOT-FOR-US: MDaemon
CVE-2006-5967 (Race condition in Panda ActiveScan 5.53.00, and other versions
before ...)
@@ -556,7 +557,7 @@
CVE-2006-5870
RESERVED
CVE-2006-5869 (pstotext before 1.9 allows user-assisted attackers to execute
...)
- - pstotext 1.9-4
+ - pstotext 1.9-4 (bug #356988; medium)
CVE-2006-5868 (Multiple buffer overflows in Imagemagick 6.0 before 6.0.6.2, and
6.2 ...)
{DSA-1213}
- imagemagick 7:6.2.4.5.dfsg1-0.11
@@ -8794,8 +8795,6 @@
NOTE: is already fixed in the Debian package.
CVE-2005-4795 (Unspecified vulnerability in the multi-language environment
library ...)
NOT-FOR-US: Solaris
-CVE-2006-XXXX [pstotext insufficient filename sanitizing]
- - pstotext 1.9-3 (bug #356988; medium)
CVE-2006-XXXX [cyrus-imapd allows user probes]
- cyrus-imapd-2.2 2.2.13-3
CVE-2006-2214 (Multiple SQL injection vulnerabilities in 4images 1.7.1 and
earlier ...)