Moritz Muehlenhoff
2006-Oct-10 21:34 UTC
[Secure-testing-commits] r4839 - in data: CVE DSA
Author: jmm-guest
Date: 2006-10-10 21:33:39 +0000 (Tue, 10 Oct 2006)
New Revision: 4839
Modified:
data/CVE/list
data/DSA/list
Log:
- new libwmf and openssl096 DSAs
- debian/kfreebsd not an official release with security support,
marking FreeBSD issues as such
Modified: data/CVE/list
==================================================================---
data/CVE/list 2006-10-10 09:47:23 UTC (rev 4838)
+++ data/CVE/list 2006-10-10 21:33:39 UTC (rev 4839)
@@ -2018,6 +2018,7 @@
- maxdb-7.5.00 7.5.00.34-5 (high; bug #386182)
CVE-2006-4304 (Buffer overflow in the sppp driver in FreeBSD 4.11 through 6.1,
NetBSD ...)
- kfreebsd-5 <unfixed> (bug #391289)
+ [etch] - kfreebsd-5 <no-dsa> (Etch doesn''t have security
support for the FreeBSD kernel)
CVE-2006-4303 (Race condition in (1) libnsl and (2) TLI/XTI API routines in Sun
...)
NOT-FOR-US: Solaris
CVE-2006-4302 (The Java Plug-in J2SE 1.3.0_02 through 5.0 Update 5, and Java
Web ...)
@@ -2309,6 +2310,7 @@
RESERVED
CVE-2006-4178 (Integer signedness error in the i386_set_ldt call in FreeBSD
5.5, and ...)
- kfreebsd-5 <unfixed> (bug #391289)
+ [etch] - kfreebsd-5 <no-dsa> (Etch doesn''t have security
support for the FreeBSD kernel)
CVE-2006-4177
RESERVED
CVE-2006-4176
@@ -2321,6 +2323,7 @@
RESERVED
CVE-2006-4172 (Integer overflow vulnerability in the i386_set_ldt call in
FreeBSD ...)
- kfreebsd-5 <unfixed> (bug #391289)
+ [etch] - kfreebsd-5 <no-dsa> (Etch doesn''t have security
support for the FreeBSD kernel)
CVE-2006-4171
RESERVED
CVE-2006-4170
Modified: data/DSA/list
==================================================================---
data/DSA/list 2006-10-10 09:47:23 UTC (rev 4838)
+++ data/DSA/list 2006-10-10 21:33:39 UTC (rev 4839)
@@ -1,3 +1,9 @@
+[10 Oct 2006] DSA-1195-1 openssl096
+ {CVE-2006-2940 CVE-2006-3738 CVE-2006-4343}
+ [sarge] - openssl096 0.9.6m-1sarge4
+[09 Oct 2006] DSA-1194-1 libwmf
+ {CVE-2006-3376}
+ [sarge] - libwmf 0.2.8.3-2sarge1
[09 Oct 2006] DSA-1193-1 xfree86
{CVE-2006-3467 CVE-2006-3739 CVE-2006-3740 CVE-2006-4447}
[sarge] - xfree86 4.3.0.dfsg.1-14sarge2