Author: fw Date: 2006-05-23 18:56:38 +0000 (Tue, 23 May 2006) New Revision: 4062 Modified: data/CVE/list Log: CVE-2006-2313, CVE-2006-2314: PostgreSQL Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-05-23 12:36:26 UTC (rev 4061) +++ data/CVE/list 2006-05-23 18:56:38 UTC (rev 4062) @@ -370,10 +370,24 @@ NOT-FOR-US: Intel Windows software CVE-2006-2315 (PHP remote file inclusion vulnerability in session.inc.php in ...) NOT-FOR-US: ISPConfig -CVE-2006-2314 +CVE-2006-2314 [PostgreSQL string encoding interpretation conflict] RESERVED -CVE-2006-2313 + - postgresql 7.5.4 (medium; bug #368645) + - postgresql-7.4 <unfixed> (medium) + - postgresql-8.0 <unfixed> (medium) + - postgresql-8.1 <unfixed> (medium) + NOTE: Beginning with version 7.5.4, postgresql is a transition + NOTE: package which does not contain actual code. That''s why + NOTE: it''s marked as fixed here. (Previous versions are vulnerable.) +CVE-2006-2313 [Too lenient UTF-8 etc. decoders in PostgreSQL] RESERVED + - postgresql 7.5.4 (high; bug #368645) + - postgresql-7.4 <unfixed> (high) + - postgresql-8.0 <unfixed> (high) + - postgresql-8.1 <unfixed> (high) + NOTE: Beginning with version 7.5.4, postgresql is a transition + NOTE: package which does not contain actual code. That''s why + NOTE: it''s marked as fixed here. (Previous versions are vulnerable.) CVE-2006-2312 (Unspecified vulnerability in the URI handler in Skype 2.0.*.104 and ...) NOT-FOR-US: Skype CVE-2006-2311