Author: stef-guest Date: 2006-05-12 12:36:30 +0000 (Fri, 12 May 2006) New Revision: 3942 Modified: data/CVE/list Log: drupal bugnum openssh fixed Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-05-12 10:56:53 UTC (rev 3941) +++ data/CVE/list 2006-05-12 12:36:30 UTC (rev 3942) @@ -75,7 +75,7 @@ CVE-2006-2261 (PHP remote file inclusion vulnerability in day.php in ACal 2.2.6 ...) NOT-FOR-US: ACal CVE-2006-2260 (Cross-site scripting (XSS) vulnerability in the project module ...) - - drupal <unfixed> (bug filed; medium) + - drupal <unfixed> (bug #366947; medium) CVE-2006-2259 (SQL injection vulnerability in Logon.asp in MaxxSchedule 1.0 allows ...) NOT-FOR-US: MaxxSchedule CVE-2006-2258 (Cross-site scripting (XSS) vulnerability in Logon.asp in MaxxSchedule ...) @@ -4969,7 +4969,7 @@ CVE-2006-0226 (Integer overflow in IEEE 802.11 network subsystem (ieee80211_ioctl.c) ...) NOT-FOR-US: freebsd kernel CVE-2006-0225 (scp in OpenSSH 4.2p1 allows attackers to execute arbitrary commands ...) - - openssh <unfixed> (low; bug #349645; bug #352254) + - openssh 1:4.3p2-1 (low; bug #349645; bug #352254) [sarge] - openssh <no-dsa> (Protocol flaws inherited from rcp) - dropbear 0.48-1 (unimportant) NOTE: dropbear doesn''t include scp in binary package