Secure testing commits - Aug 2006 - r4480 - data/CVE

Author: stef-guest
Date: 2006-08-01 14:26:28 +0000 (Tue, 01 Aug 2006)
New Revision: 4480

Modified:
   data/CVE/list
Log:
- many new libtiff issues fixed
- heartbeat fixed


Modified: data/CVE/list
==================================================================---
data/CVE/list	2006-08-01 14:19:52 UTC (rev 4479)
+++ data/CVE/list	2006-08-01 14:26:28 UTC (rev 4480)
@@ -44,7 +44,7 @@
 CVE-2006-3816 (Krusader 1.50-beta1 up to 1.70.0 stores passwords for remote
...)
 	- krusader <not-affected> (bug #380063; file in directory with 0700
permissions)
 CVE-2006-3815 (heartbeat.c in heartbeat before 2.0.6 sets insecure permissions
in an ...)
-	- heartbeat <unfixed> (bug #379904)
+	- heartbeat 1.2.4-13 (bug #379904)
 CVE-2006-3814 (Buffer overflow in the Loader_XM::load_instrument_internal
function in ...)
 	- cheesetracker <unfixed> (bug #380364; low)
 CVE-2006-3813
@@ -858,20 +858,27 @@
 	TODO: check
 CVE-2006-3466
 	REJECTED
-CVE-2006-3465
+CVE-2006-3465 [libtiff: flaw in custom tag support]
 	RESERVED
-CVE-2006-3464
+	- tiff 3.8.2-6
+CVE-2006-3464 [libtiff: insufficient range checking]
 	RESERVED
-CVE-2006-3463
+	- tiff 3.8.2-6
+CVE-2006-3463 [libtiff: infinite loop was discovered in
EstimateStripByteCounts()]
 	RESERVED
-CVE-2006-3462
+	- tiff 3.8.2-6
+CVE-2006-3462 [libtiff: NeXT RLE decoder heap overflow]
 	RESERVED
-CVE-2006-3461
+	- tiff 3.8.2-6
+CVE-2006-3461 [libtiff: heap overflow exists in the PixarLog decoder]
 	RESERVED
-CVE-2006-3460
+	- tiff 3.8.2-6
+CVE-2006-3460 [libtiff: heap overflow vulnerability was discovered in the jpeg
decoder]
 	RESERVED
-CVE-2006-3459
+	- tiff 3.8.2-6
+CVE-2006-3459 [libtiff: stack buffer overflow via TIFFFetchShortPair()]
 	RESERVED
+	- tiff 3.8.2-6
 CVE-2006-3486 (** DISPUTED ** ...)
 	- mysql-dfsg-5.0 5.0.22-4 (unimportant)
 	[sarge] - mysql-dfsg-4.1 <not-affected> (Vulnerable code not present)