Author: micah Date: 2006-01-06 01:25:27 +0000 (Fri, 06 Jan 2006) New Revision: 3237 Modified: data/CVE/list Log: vserver updates Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-01-06 00:04:59 UTC (rev 3236) +++ data/CVE/list 2006-01-06 01:25:27 UTC (rev 3237) @@ -682,7 +682,10 @@ CVE-2005-4347 [Improper barrier code allows for chroot escape] RESERVED - util-vserver 0.30.208-1 + - kernel-patch-vserver 2.3 (bug #329087; medium) + [sarge] - kernel-patch-vserver 1.9.5.4 (bug #329087; medium) [sarge] - util-vserver 0.30.204-5sarge3 (bug #329090; medium) + NOTE: both util-vserver and the kernel-patch-vserver need to be upgraded to fix this vulnerability CVE-2005-4346 (SQL injection vulnerability in index.php in phpBB Blog 2.2.2 and ...) NOT-FOR-US: phpBB Blog TODO: Double-check please, this doesn''t seem to be included in stock phpbb @@ -4449,9 +4452,6 @@ CVE-2005-XXXX [imview: Possible buffer overflow with FITS images] - imview <unfixed> (bug #326971; unknown) TODO: Needs further evaluation -CVE-2005-XXXX [ Chroot escape in vserver kernel patch] - - kernel-patch-vserver 2.3 (bug #329087; medium) - [sarge] - kernel-patch-vserver 1.9.5.4 (bug #329087; medium) CVE-2005-3753 (Linux kernel before after 2.6.12 and before 2.6.13.1 might allow ...) - linux-2.6 2.6.12-7 (low) CVE-2005-3043 (SQL injection vulnerability in AddItem.asp in Mall23 eCommerce allows ...)