Author: joeyh
Date: 2006-01-20 21:14:21 +0000 (Fri, 20 Jan 2006)
New Revision: 3331
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
==================================================================---
data/CVE/list 2006-01-20 20:37:19 UTC (rev 3330)
+++ data/CVE/list 2006-01-20 21:14:21 UTC (rev 3331)
@@ -406,6 +406,7 @@
CVE-2006-0152 (Cross-site scripting (XSS) in search_result.php in phpChamber
1.2 and ...)
NOT-FOR-US: phpChamber
CVE-2006-0151 (sudo 1.6.8 and other versions does not clear the PYTHONINSPECT
...)
+ {DSA-946-1}
- sudo <unfixed>
NOTE: The whole black list approach is flawed, for the DSA we''ll
switch to
NOTE: a white list approach of known to be safe env vars.
@@ -451,6 +452,7 @@
CVE-2004-2653 (Unspecified vulnerability in PD9 Software MegaBBS 2.0 and 2.1
allows ...)
NOT-FOR-US: PD9 Software MegaBBS
CVE-2006-0162 (Heap-based buffer overflow in libclamav/upx.c in Clam Antivirus
...)
+ {DSA-947-1}
- clamav 0.88-1
NOTE: Sarge is affected
CVE-2006-0138 (aMSN (aka Alvaro''s Messenger) allows remote attackers
to cause a ...)
@@ -1043,6 +1045,7 @@
- linux-2.6 <unfixed>
CVE-2006-0019 [kjs heap overflow]
RESERVED
+ {DSA-948-1}
- kdelibs <unfixed> (medium)
CVE-2005-4474 (Buffer overflow in the "Add to archive"
command in WinRAR 3.51 allows ...)
NOT-FOR-US: WinRAR
@@ -1718,6 +1721,7 @@
CVE-2005-4159 (** DISPUTED ** ...)
NOT-FOR-US: Simple Machines Forum
CVE-2005-4158 (Sudo before 1.6.8 p12, when the Perl taint flag is off, does not
clear ...)
+ {DSA-946-1}
- sudo <unfixed> (bug #342948; medium)
CVE-2005-4157 (Unspecified vulnerability in Kerio WinRoute Firewall before
6.1.3 ...)
NOT-FOR-US: Kerio Firewall