Secure testing commits - Mar 2006 - r3660 - data/CVE

Author: jmm-guest
Date: 2006-03-22 09:19:31 +0000 (Wed, 22 Mar 2006)
New Revision: 3660

Modified:
   data/CVE/list
Log:
new firebird issue (fixed)
new flash issue (fixed)
netpanzer fixed
bugnums


Modified: data/CVE/list
==================================================================---
data/CVE/list	2006-03-22 09:14:30 UTC (rev 3659)
+++ data/CVE/list	2006-03-22 09:19:31 UTC (rev 3660)
@@ -1,3 +1,5 @@
+CVE-2006-2043 [firebird2 remote DoS]
+	- firebird2 1.5.3.4870-3 (bug #357580)
 CVE-2006-1341 (SQL injection vulnerability in events.php in Maian Events 1.0
allows ...)
 	TODO: check
 CVE-2006-1340 (CuteNews 1.4.1 and possibly other versions allows remote
attackers to ...)
@@ -173,7 +175,7 @@
 CVE-2006-1252 (Eval injection vulnerability in cal.php in Light Weight Calendar
(LWC) ...)
 	TODO: check
 CVE-2006-1251 (greylistclean.cron in sa-exim 4.2 allows remote attackers to
delete ...)
-	- sa-exim <unfixed> (bug #345071)
+	- sa-exim <unfixed> (bug #345071; bug #356301)
 CVE-2006-1250 (Unspecified vulnerability in the Webmail module in Winmail
before 4.3 ...)
 	TODO: check
 CVE-2006-1249 (** UNVERIFIABLE, PRERELEASE ** ...)
@@ -3173,7 +3175,7 @@
 	- snmptrapfmt 1.10
 CVE-2006-0049 (gpg in GnuPG before 1.4.2.2 does not properly verify
non-detached ...)
 	{DSA-993-2}
-	- gnupg 1.4.2.2-1 (medium)
+	- gnupg 1.4.2.2-1 (bug #356125; medium)
 CVE-2006-0048
 	RESERVED
 CVE-2006-0047 (packets.c in Freeciv 2.0 before 2.0.8 allows remote attackers to
cause ...)
@@ -4650,13 +4652,13 @@
 CVE-2006-0032
 	RESERVED
 CVE-2006-0031 (Stack-based buffer overflow in Microsoft Excel 2000, 2002, and
2003, ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2006-0030 (Unspecified vulnerability in Microsoft Excel 2000, 2002, and
2003, in ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2006-0029 (Unspecified vulnerability in Microsoft Excel 2000, 2002, and
2003, in ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2006-0028 (Unspecified vulnerability in Microsoft Excel 2000, 2002, and
2003, in ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2006-0027
 	RESERVED
 CVE-2006-0026
@@ -4664,13 +4666,13 @@
 CVE-2006-0025
 	RESERVED
 CVE-2006-0024 (Multiple unspecified vulnerabilities in Adobe Flash Player
8.0.22.0 ...)
-	TODO: check
+	- flashplugin-nonfree 7.0.61-4 (bug #357038; bug #357105)
 CVE-2006-0023 (Microsoft Windows XP SP1 and SP2 before August 2004, and
possibly ...)
 	NOT-FOR-US: Microsoft
 CVE-2006-0022
 	RESERVED
 CVE-2006-0021 (Microsoft Windows XP SP1 and SP2, and Server 2003 up to SP1,
allows ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2006-0020 (An unspecified Microsoft WMF parsing application, as used in
Internet ...)
 	NOT-FOR-US: Microsoft
 CVE-2006-0018
@@ -9910,7 +9912,7 @@
 CVE-2005-2296 (YabbSE 1.5.5c allows remote attackers to obtain sensitive
information ...)
 	NOT-FOR-US: YabbSE
 CVE-2005-2295 (NetPanzer 0.8 and earlier allows remote attackers to cause a
denial of ...)
-	- netpanzer <unfixed> (bug #318329; medium)
+	- netpanzer 0.8+svn20060319-1 (bug #318329; medium)
 CVE-2005-2294 (Oracle Forms 4.5, 6.0, 6i, and 9i on Unix, when a large number
of ...)
 	NOT-FOR-US: Oracle
 CVE-2005-2293 (Oracle Formsbuilder 9.0.4 stores database usernames and
passwords in a ...)