Author: stef-guest
Date: 2006-10-05 21:51:09 +0000 (Thu, 05 Oct 2006)
New Revision: 4821
Modified:
data/CVE/list
Log:
add old lynx fix; cfengine and acidlab removed from sid
Modified: data/CVE/list
==================================================================---
data/CVE/list 2006-10-05 21:23:20 UTC (rev 4820)
+++ data/CVE/list 2006-10-05 21:51:09 UTC (rev 4821)
@@ -8248,7 +8248,7 @@
CVE-2006-1590 (Cross-site scripting (XSS) vulnerability in the PrintFreshPage
...)
- acidbase 1.2.5-1 (bug #363548; low)
[sarge] - acidbase <no-dsa> (Hardly exploitable)
- - acidlab <unfixed> (bug #363549; low)
+ - acidlab <removed> (bug #363549; low)
[sarge] - acidlab <no-dsa> (Hardly exploitable)
CVE-2006-1589 (The elf_load_file function in NetBSD 2.0 through 3.0 allows
local ...)
NOT-FOR-US: NetBSD kernel
@@ -16366,7 +16366,7 @@
TODO: Check, whether this version really fixes the issue, it''s not
mentioned in the changelog
CVE-2005-3120 (Stack-based buffer overflow in the HTrjis function in Lynx 2.8.6
and ...)
{DSA-1085-1 DSA-876-1 DSA-874-1}
- - lynx <unfixed> (bug #335033; high)
+ - lynx 2.8.5-2sarge1 (bug #335033; high)
- lynx-cur 2.8.6-16 (bug #334423; high)
- lynx-ssl <removed>
CVE-2005-3118 (Mason before 1.0.0 does not install the init script after the
user ...)
@@ -16840,7 +16840,7 @@
NOTE: prozilla is not in sarge or etch
CVE-2005-2960 (cfengine 1.6.5 and 2.1.16 allows local users to overwrite
arbitrary ...)
{DSA-836-1 DSA-835-1}
- - cfengine <unfixed> (bug #332433; low)
+ - cfengine <removed> (bug #332433; low)
- cfengine2 2.1.17-1 (bug #332432; low)
NOTE: maintainer does not think it''s a hole, script is unused/broken
CVE-2005-2959 (Incomplete blacklist vulnerability in sudo 1.6.8 and earlier
allows ...)