Author: jmm-guest Date: 2006-01-17 09:28:20 +0000 (Tue, 17 Jan 2006) New Revision: 3306 Modified: data/CVE/list Log: two apache2 issues fixed Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-01-17 09:26:23 UTC (rev 3305) +++ data/CVE/list 2006-01-17 09:28:20 UTC (rev 3306) @@ -118,7 +118,6 @@ NOT-FOR-US: Microsoft CVE-2006-0186 REJECTED - NOT-FOR-US: MusicBox CVE-2006-0185 (Multiple cross-site scripting vulnerabilities in the (1) Pool or (2) ...) NOT-FOR-US: PHP-Nuke CVE-2006-0184 (Multiple SQL injection vulnerabilities in AspTopSites allow remote ...) @@ -3851,7 +3850,7 @@ - linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.11) TODO: check 2.4 CVE-2005-3357 (mod_ssl in Apache 2.0 up to 2.0.55, when configured with an SSL vhost ...) - TODO: check + - apache2 2.0.55-4 CVE-2005-3356 [kernel DoS, see patch-tracking for details] RESERVED - linux-2.6 <unfixed> @@ -3869,7 +3868,7 @@ - php5 5.1.1-1 (bug #336654; medium) CVE-2005-3352 (Cross-site scripting (XSS) vulnerability in the mod_imap module of ...) - apache 1.3.34-2 (bug #343466; low) - - apache2 <unfixed> (bug #343467; low) + - apache2 2.0.55-4 (bug #343467; low) NOTE: Version(s): prior to 1.3.35-dev, 2.0.56-dev are affected NOTE: Means oldstable and stable are affected CVE-2005-3351 (SpamAssassin 3.0.4 allows attackers to bypass spam detection via an ...)