Author: jmm-guest Date: 2006-03-23 13:59:03 +0000 (Thu, 23 Mar 2006) New Revision: 3671 Modified: data/CVE/list Log: some no-dsa, remove a non-issue Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-03-23 13:30:38 UTC (rev 3670) +++ data/CVE/list 2006-03-23 13:59:03 UTC (rev 3671) @@ -1551,7 +1551,8 @@ [woody] - imagemagick <not-affected> (Vulnerable code not present) [sarge] - imagemagick <not-affected> (Vulnerable code not present) CVE-2006-XXXX [dpkg-sig: insecure temp file bug] - - dpkg-sig <unfixed> (bug #352723; medium) + - dpkg-sig <unfixed> (bug #352723; low) + [sarge] - dpkg-sig <no-dsa> (Only affected in debug mode) CVE-2006-XXXX [Wordpress XSS] - wordpress 2.0.1-1 (bug #328909) CVE-2006-XXXX [pioneers meta-server DoS] @@ -4552,6 +4553,7 @@ REJECTED CVE-2005-3964 (Multiple buffer overflows in libUil (libUil.so) in OpenMotif 2.2.3, ...) - openmotif <unfixed> (bug #342092; medium) + [sarge] - openmotif <no-dsa> (Non-free) CVE-2005-3963 (SQL injection vulnerability in session.php in DotClear before 1.2.3 ...) NOT-FOR-US: DotClear CVE-2004-2649 (Eudora 6.1.0.6 allows remote attackers to obfuscate URLs displayed in ...) @@ -10107,10 +10109,6 @@ - webcalendar 0.9.45-7 (bug #315671; medium) CVE-2005-2437 (Website Baker Project does not properly verify the file extensions of ...) NOT-FOR-US: Website Baker -CVE-2005-XXXX [fiaif: Package provided cron job updates conf files with access definitions] - NOTE: This doesn''t look like a real security issue as cron.daily should only be - NOTE: writable by root, but lets include it as the maintainer considers it an issue - - fiaif 1.19.2-14 (low) CVE-2005-2275 RESERVED CVE-2005-2274 (Microsoft Internet Explorer 6.0 does not clearly associate a ...) 
@@ -12225,6 +12223,7 @@ REJECTED CVE-2005-1911 (The fetchnews NNTP client in leafnode 1.11.2 and earlier can hang ...) - leafnode 1.11.3.rel-1 (bug #338886; low) + [sarge] - leafnode <no-dsa> (Very minor issue, not worth a fix) CVE-2005-1910 (SQL injection vulnerability in login.asp for WWWeb Concepts Events ...) NOT-FOR-US: WWWeb Concepts Events System CVE-2005-1909 (The web server control panel in 602LAN SUITE 2004 allows remote ...) @@ -16547,6 +16546,7 @@ - xfree86 4.3.0.dfsg.1-13 - xorg-x11 <not-affected> (Fixed before upload into archive) - openmotif 2.2.3-1.1 (bug #308819; medium) + [sarge] - openmotif <no-dsa> (Non-free) CVE-2005-0604 (lnss.exe in GFI Languard Network Security Scanner 5.0 stores the ...) NOT-FOR-US: GFI Languard Network Security Scanner CVE-2005-0603 (viewtopic.php in phpBB 2.0.12 and earlier allows remote attackers to ...) @@ -19982,6 +19982,7 @@ NOTE: but lesstif2 did get fixed for this hole.. - lesstif2 1:0.93.94-11.2 - openmotif 2.2.3-1.1 (bug #309819; medium) + [sarge] - openmotif <no-dsa> (Non-free) CVE-2004-0913 (Unknown vulnerability in ecartis 0.x before ...) {DSA-572-1} - ecartis 1.0.0+cvs.20030911-8 @@ -20565,6 +20566,7 @@ NOTE: Matej Vela has checked that these are backported to lesstif1 as well - lesstif1-1 1:0.93.94-10 - openmotif 2.2.3-1.1 (bug #308819; low) + [sarge] - openmotif <no-dsa> (Non-free) - xfree86 4.3.0.dfsg.1-8 - xorg-x11 <not-affected> (Fixed before introduction into archive) CVE-2004-0687 (Multiple stack-based buffer overflows in (1) xpmParseColors in ...) @@ -20572,6 +20574,7 @@ NOTE: Matej Vela has checked that these are backported to lesstif1 as well - lesstif1-1 1:0.93.94-10 - openmotif 2.2.3-1.1 (bug #308819; low) + [sarge] - openmotif <no-dsa> (Non-free) - xfree86 4.3.0.dfsg.1-8 - xorg-x11 <not-affected> (Fixed before introduction into archive) CVE-2004-0686 (Buffer overflow in Samba 2.2.x to 2.2.9, and 3.0.0 to 3.0.4, when the ...)
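Review bot: In the hunk at -1551, the dpkg-sig line for bug #352723 drops from medium to low, but the only stated reason, "Only affected in debug mode", sits on the new [sarge] no-dsa line. Consider adding a NOTE line under the CVE-2006-XXXX [dpkg-sig: insecure temp file bug] heading that records the debug-mode condition, so the severity change on the <unfixed> line is justified where it is made.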
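Review bot: The hunk at -10107 deletes the whole fiaif entry, including the fixed-version line "- fiaif 1.19.2-14 (low)" and the NOTE recording that the maintainer considers it an issue, while the log message says only "remove a non-issue" without naming the package. Name fiaif in the log message, or keep the entry with a NOTE stating why it is not tracked as a security issue, so the disagreement with the maintainer and the fixed version stay on record.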
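Review bot: The no-dsa reason added for leafnode in the hunk at -12225, "Very minor issue, not worth a fix", does not say what makes CVE-2005-1911 minor. The other reasons in this commit name a concrete condition ("Only affected in debug mode", "Non-free"). A reason that names the impact, which the description line gives as fetchnews hanging, would be easier to re-evaluate later.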
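Review bot: The openmotif context line in the hunk at -19982 references bug #309819, while the openmotif lines in the hunks at -16547, -20565 and -20572 reference bug #308819. Since this commit adds a [sarge] no-dsa line directly under each of them, check whether #309819 is a separate report or a transposed digit before these entries are treated as closed for sarge.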