Author: alec-guest Date: 2006-07-21 02:10:23 +0000 (Fri, 21 Jul 2006) New Revision: 4438 Modified: data/CVE/list Log: * CVE-2006-3597 (passwd): Ubuntu-specific, fixes mistake in installation * CVE-2006-3668 (libdumb): bug number Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-07-21 02:06:32 UTC (rev 4437) +++ data/CVE/list 2006-07-21 02:10:23 UTC (rev 4438) @@ -140,7 +140,7 @@ CVE-2006-3669 (Mercury Messenger, possibly 1.7.1.1 and other versions, when running ...) NOT-FOR-US: Mercury Messenger CVE-2006-3668 (Heap-based buffer overflow in the it_read_envelope function in Dynamic ...) - - libdumb <unfixed> (bug filed; medium) + - libdumb <unfixed> (bug #379064; medium) CVE-2006-3667 (Unspecified vulnerability in Sybase/Financial Fusion Consumer Banking ...) NOT-FOR-US: Sybase/Financial Fusion Consumer Banking Suite CVE-2006-3666 (SQL injection vulnerability in AjaxPortal 3.0, with magic_quotes_gpc ...) @@ -281,7 +281,7 @@ CVE-2006-3598 (SQL injection vulnerability in the Sections module for PHP-Nuke allows ...) NOT-FOR-US: Sections module for PHP-Nuke CVE-2006-3597 (passwd before 1:4.0.13 on Ubuntu 6.06 LTS leaves the root password ...) - TODO: check + - shadow <not-affected> (fix for a mistake in the Ubuntu installer) CVE-2006-3596 (The device driver for Intel-based gigabit network adapters in Cisco ...) NOT-FOR-US: Cisco CVE-2006-3595 (The default configuration of IOS HTTP server in Cisco Router Web Setup ...)