Author: jmm-guest Date: 2006-03-23 13:30:38 +0000 (Thu, 23 Mar 2006) New Revision: 3670 Modified: data/CVE/list Log: remove 2.4.27 entries, will be added through 2.4.27 DSA Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-03-23 13:12:18 UTC (rev 3669) +++ data/CVE/list 2006-03-23 13:30:38 UTC (rev 3670) @@ -4642,7 +4642,6 @@ - kernel-patch-ctx 1:1.29-1 CVE-2004-2607 (A numeric casting discrepancy in sdla_xfer in Linux kernel 2.6.x up to ...) - linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.6) - - kernel-source-2.4.27 2.4.27-8 CVE-2005-3962 (Integer overflow in the format string functionality (Perl_sv_vcatpvfn) ...) {DSA-943-1} - perl 5.8.7-9 (bug #341542; medium) @@ -4992,10 +4991,8 @@ NOT-FOR-US: AMAX Magic Winmail Server CVE-2005-3806 (The IPv6 flow label handling code (ip6_flowlabel.c) in Linux kernels ...) - linux-2.6 2.6.14-1 (medium) - - kernel-source-2.4.27 <unfixed> (medium) CVE-2005-3805 (A locking problem in POSIX timer cleanup handling on exit in Linux ...) - linux-2.6 <unfixed> (medium) - - kernel-source-2.4.27 <unfixed> (medium) CVE-2005-3804 (Cisco IP Phone (VoIP) 7920 1.0(8) listens to UDP port 17185 to support ...) NOT-FOR-US: Cisco hardware CVE-2005-3803 (Cisco IP Phone (VoIP) 7920 1.0(8) contains certain hard-coded ...) @@ -5044,7 +5041,6 @@ - kernel-source-2.4.27 <unfixed> (medium) CVE-2005-3783 (The ptrace functionality (ptrace.c) in Linux kernel 2.6 before ...) - linux-2.6 2.6.14-3 (medium) - - kernel-source-2.4.27 <unfixed> (medium) CVE-2005-3782 RESERVED CVE-2004-2606 (The Web interface in Linksys WRT54G 2.02.7 and BEFSR41 version 3, with ...) 
@@ -5119,7 +5115,6 @@ - phpgroupware 0.9.14.007 CVE-2005-3848 (Memory leak in the icmp_push_reply function in Linux 2.6 before ...) - linux-2.6 2.6.13-1 - - kernel-source-2.4.27 2.4.27-12 (bug #351645) CVE-2005-3847 (The handle_stop_signal function in signal.c in Linux kernel 2.6.11 up ...) - linux-2.6 2.6.13-1 CVE-2005-3849 (Cross-site scripting (XSS) vulnerability in the Search module in ...) @@ -6196,10 +6191,8 @@ - linux-ftpd-ssl 0.17.18+0.3-5 (bug #339074; high) CVE-2005-3807 (Memory leak in the VFS file lease handling in locks.c in Linux kernels ...) - linux-2.6 2.6.14-4 - - kernel-source-2.4.27 <not-affected> CVE-2005-3857 (The time_out_leases function in locks.c for Linux kernel before ...) - linux-2.6 2.6.14-4 (low) - - kernel-source-2.4.27 2.4.27-13 (low) CVE-2005-XXXX [user logout in drupal has no effect] [sarge] - drupal <not-affected> (bug was introduced after 4.5.3) - drupal 4.5.5-3 (bug #336719; medium) @@ -6966,7 +6959,6 @@ NOT-FOR-US: Solaris CVE-2005-3257 (The VT implementation (vt_ioctl.c) in Linux kernel 2.6.12, and ...) - linux-2.6 2.6.14-4 (bug #334113; medium) - - kernel-source-2.4.27 <unfixed> (medium) CVE-2005-3237 (Cross-site scripting (XSS) vulnerability in Cyphor 0.19 allows remote ...) NOT-FOR-US: Cyphor CVE-2005-3236 (Multiple SQL injection vulnerabilities in Cyphor 0.19 allow remote ...) @@ -7735,8 +7727,6 @@ - libungif4 4.1.3-4 (bug #337972; medium) CVE-2005-2973 (The udp_v6_get_port function in udp.c in Linux 2.6 before 2.6.14-rc5, ...) - linux-2.6 2.6.13+2.6.14-rc4-0experimental.1 (low) - - kernel-source-2.4.27 2.4.27-12 - [sarge] - kernel-source-2.4.27 2.4.27-10sarge2 CVE-2005-2972 (Multiple stack-based buffer overflows in the RTF import feature in ...) {DSA-894-1} - abiword 2.4.1-1 (bug #333740; medium) 
@@ -8945,7 +8935,6 @@ CVE-2005-2555 (Linux kernel 2.6.x does not properly restrict socket policy access to ...) {DTSA-16-1} - linux-2.6 2.6.12-6 (medium) - - kernel-source-2.4.27 2.4.27-12 (medium) CVE-2004-2388 (rexecd for AIX 4.3.3 does not properly use a local copy of the pwd ...) NOT-FOR-US: rexecd CVE-2004-2387 (Buffer overflow in the HandleCPCCommand function of sercd before 2.3.1 ...) @@ -9522,8 +9511,6 @@ CVE-2005-2457 (The driver for compressed ISO file systems (zisofs) in the Linux ...) {DTSA-16-1} - linux-2.6 2.6.12-3 (medium) - - kernel-source-2.4.27 2.4.27-12 (medium) - [sarge] - kernel-source-2.4.27 2.4.27-10sarge2 (medium) CVE-2005-2456 (Array index overflow in the xfrm_sk_policy_insert function in ...) {DSA-922-1 DSA-921-1 DTSA-16-1} - linux-2.6 2.6.12-2 (bug #321401; medium) @@ -12589,7 +12576,6 @@ CVE-2005-1761 (Linux kernel 2.6 and 2.4 on the IA64 architecture allows local users ...) {DSA-922-1 DTSA-16-1} - linux-2.6 2.6.12-1 (medium) - - kernel-source-2.4.27 <unfixed> (low) CVE-2005-1760 (sysreport 1.3.15 and earlier includes contents of the up2date file in ...) NOT-FOR-US: sysreport CVE-2005-1759 (Race condition in shtool 2.0.1 and earlier allows local users to ...) @@ -17477,7 +17463,6 @@ NOT-FOR-US: Sami HTTP Server CVE-2005-0449 (The netfilter/iptables module in Linux before 2.6.8.1 allows remote ...) - linux-2.6 <not-affected> (Vulnerable code was removed betwen 2.6.11 and 2.6.12) - - kernel-source-2.4.27 <not-affected> (Per Herbet Xu: http://oss.sgi.com/archives/netdev/2005-01/msg01107.html) CVE-2005-0448 (Race condition in the rmtree function in File::Path.pm in Perl before ...) {DSA-696-1} - perl 5.8.4-7 
@@ -20079,7 +20064,6 @@ NOTE: package was fixed. CVE-2004-0887 (SUSE Linux Enterprise Server 9 on the S/390 platform does not properly ...) - linux-2.6 <not-affected> (Fixed before upload into archive) - TODO: Check, when this was fixed - kernel-source-2.6.8 2.6.8-10 CVE-2004-0886 (Multiple integer overflows in libtiff 3.6.1 and earlier allow remote ...) {DSA-567-1}
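Review bot: in the hunk at @@ -5044,7 +5041,6 @@ the leading context line `- kernel-source-2.4.27 <unfixed> (medium)` is kept, so a 2.4.27 entry for the CVE just above CVE-2005-3783 survives this cleanup. The header shows a single removal out of seven lines, which is the entry under CVE-2005-3783. If the intent of "remove 2.4.27 entries" is to drop every kernel-source-2.4.27 line until the DSA, remove that one as well, or say in the log why it stays.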
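Review bot: the hunk at @@ -17477,7 +17463,6 @@ deletes a `<not-affected>` entry for CVE-2005-0449 together with its justification (the netdev archive link), and the @@ -6196,10 +6191,8 @@ hunk drops a `<not-affected>` entry for CVE-2005-3807. The log says the entries "will be added through 2.4.27 DSA", but it is not clear how a not-affected determination, as opposed to a fixed version, would come back by that route. Consider keeping these two lines, or preserving the rationale in a NOTE: line under each CVE so the triage result is not lost.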
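Review bot: the only removal in the @@ -20079,7 +20064,6 @@ hunk is `TODO: Check, when this was fixed` under CVE-2004-0887, not a kernel-source-2.4.27 entry, so it falls outside what the log message describes. The remaining line `linux-2.6 <not-affected> (Fixed before upload into archive)` still gives no version, so the question the TODO asked is unanswered. Either record the fixed version there, keep the TODO, or mention its removal in the log.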