Moritz Muehlenhoff
2006-Jan-31 10:07 UTC
[Secure-testing-commits] r3392 - in data: CVE DSA
Author: jmm-guest
Date: 2006-01-31 10:05:53 +0000 (Tue, 31 Jan 2006)
New Revision: 3392
Modified:
data/CVE/list
data/DSA/list
Log:
unalz DSA
update on imagemagick DSA
Modified: data/CVE/list
==================================================================---
data/CVE/list 2006-01-30 21:14:23 UTC (rev 3391)
+++ data/CVE/list 2006-01-31 10:05:53 UTC (rev 3392)
@@ -1083,7 +1083,7 @@
CVE-2005-XXXX [snort: DoS in verbose mode]
- snort 2.3.3-2 (bug #328134; low)
CVE-2005-4601 (The delegate code in ImageMagick 6.2.4.5-0.3 allows remote
attackers ...)
- {DSA-957-1}
+ {DSA-957-2}
- imagemagick 6:6.2.4.5-0.6 (bug #345238; medium)
NOTE: Exploitable through Gnus and Thunderbird.
CVE-2006-0053
Modified: data/DSA/list
==================================================================---
data/DSA/list 2006-01-30 21:14:23 UTC (rev 3391)
+++ data/DSA/list 2006-01-31 10:05:53 UTC (rev 3392)
@@ -1,3 +1,7 @@
+[30 Jan 2006] DSA-959-1 unalz - buffer overflow
+ {CVE-2005-3862}
+ [sarge] - unalz 0.30.1
+ NOTE: not fixed in testing at time of DSA (unfixed in sid)
[27 Jan 2006] DSA-958-1 drupal - several
{CVE-2005-3973 CVE-2005-3974 CVE-2005-3975}
[sarge] - drupal 4.5.3-5
@@ -2,6 +6,6 @@
NOTE: fixed in testing at time of DSA
-[26 Jan 2006] DSA-957-1 imagemagick - missing shell meta sanitising
+[26 Jan 2006] DSA-957-2 imagemagick - missing shell meta sanitising
{CVE-2005-4601}
- [woody] - imagemagick 4:5.4.4.5-1woody7
- [sarge] - imagemagick 6:6.0.6.2-2.5
+ [woody] - imagemagick 4:5.4.4.5-1woody8
+ [sarge] - imagemagick 6:6.0.6.2-2.6
NOTE: fixed in testing at time of DSA