Author: jmm-guest Date: 2006-04-25 10:54:16 +0000 (Tue, 25 Apr 2006) New Revision: 3872 Modified: data/CVE/list Log: updates on already fixed clamav bugs no-dsa for older imp4 issue Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-04-25 09:14:24 UTC (rev 3871) +++ data/CVE/list 2006-04-25 10:54:16 UTC (rev 3872) @@ -5899,7 +5899,8 @@ CVE-2005-4081 (Multiple SQL injection vulnerabilities in Alisveristr E-commerce allow ...) NOT-FOR-US: Alisveristr E-commerce CVE-2005-4080 (Horde IMP 4.0.4 and earlier does not sanitize strings containing UTF16 ...) - - imp4 <unfixed> (bug #342654; medium) + - imp4 <unfixed> (bug #342654; low) + [sarge] - imp4 <no-dsa> (Internet Explorer bug, needs to be fixed there) CVE-2005-4079 (The register_globals emulation in phpMyAdmin 2.7.0 rc1 allows remote ...) - phpmyadmin <not-affected> (Affects only 2.7.0) CVE-2005-4078 (Multiple cross-site scripting (XSS) vulnerabilities in Ideal BB.NET ...) @@ -10743,7 +10744,6 @@ CVE-2005-XXXX [DoS against clamav through infinite loop in cli_rmdirs] - clamav 0.86.2-1 (low) [sarge] - clamav 0.84-2.sarge.2 - NOTE: suspect this also affects Sarge, not enough info to know what this is CVE-2005-2554 (The web server for Network Associates ePolicy Orchestrator Agent 3.5.0 ...) NOT-FOR-US: Network Associated ePolicy Orchestrator Agent CVE-2005-2553 (The find_target function in ptrace32.c in the Linux kernel 2.4.x ...) @@ -14735,7 +14735,7 @@ NOT-FOR-US: HTTP Commander CVE-2005-XXXX [clamav: DoS through multiple empty Content-Disposition header lines] - clamav 0.85.1-1 (low) - NOTE: Suspect Sarge is affected, not enough information to certify + [sarge] - clamav 0.84-2.sarge.1 CVE-2005-XXXX [libxpm4: new s_popen() function is insecure garbage] - xfree86 4.3.0.dfsg.1-14 (bug #308783) - xorg-x11 <not-affected> (Xfree-specific, inspected the Subversion tree)