Author: stef-guest Date: 2006-08-28 18:45:10 +0000 (Mon, 28 Aug 2006) New Revision: 4648 Modified: data/CVE/list Log: - new sendmail DoS - tikiwiki fixed - mysql-5.0 fixed Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-08-28 18:35:24 UTC (rev 4647) +++ data/CVE/list 2006-08-28 18:45:10 UTC (rev 4648) @@ -1,6 +1,8 @@ CVE-2006-XXXX [zope Arbitrary file inclusion] TODO: check zope zope-2.7 zope2.8 zope2.9 zope3 - zope2.8 2.8.8-2 +CVE-2006-XXXX [sendmail remote DoS] + - sendmail <unfixed> (bug filed; medium) CVE-2006-XXXX [segfault on corrupt gif from php bug #38112] - libgd2 <unfixed> (medium; bug #384838) - xloadimage <unfixed> (low; bug #384841) @@ -68,7 +70,7 @@ CVE-2006-4300 (SQL injection vulnerability in comments.asp in SimpleBlog 2.0 and ...) NOT-FOR-US: SimpleBlog CVE-2006-4299 (Cross-site scripting (XSS) vulnerability in tiki-searchindex.php in ...) - - tikiwiki <unfixed> (low; bug #384796) + - tikiwiki 1.9.4+dfsg2-2 (low; bug #384796) CVE-2006-4298 (Multiple directory traversal vulnerabilities in cache.php in ...) NOT-FOR-US: osCommerce CVE-2006-4297 (SQL injection vulnerability in shopping_cart.php in osCommerce 2.2 ...) @@ -220,9 +222,9 @@ CVE-2006-4228 (Symantec Veritas NetBackup PureDisk Remote Office Edition 6.0 before ...) NOT-FOR-US: Symantec CVE-2006-4227 (MySQL before 5.0.25 and 5.1 before 5.1.12 evaluates arguments of suid ...) - - mysql-dfsg-5.0 <unfixed> (low; bug #384798) + - mysql-dfsg-5.0 5.0.24-3 (low; bug #384798) CVE-2006-4226 (MySQL before 4.1.21, 5.0 before 5.0.25, and 5.1 before 5.1.12, when ...) - - mysql-dfsg-5.0 <unfixed> (low; bug #384798) + - mysql-dfsg-5.0 5.0.24-3 (low; bug #384798) - mysql-dfsg <unfixed> (low) CVE-2006-4225 (Multiple SQL injection vulnerabilities in war.php in Virtual War ...) NOT-FOR-US: Virtual War