Author: jmm-guest Date: 2005-11-14 09:41:39 +0000 (Mon, 14 Nov 2005) New Revision: 2730 Modified: data/CVE/list Log: libungif fixed + bugnums Modified: data/CVE/list ==================================================================--- data/CVE/list 2005-11-14 09:14:18 UTC (rev 2729) +++ data/CVE/list 2005-11-14 09:41:39 UTC (rev 2730) @@ -8,7 +8,7 @@ CVE-2005-XXXX [incorrect use of the PAM framework by courier] - courier 0.47-12 (bug #211920; medium) CVE-2005-XXXX [double free() in libungif] - - libungif4 (bug #338542; medium) + - libungif4 4.1.4-1 (bug #338542; medium) CVE-2005-XXXX [moodle SQL injection] - moodle <unfixed> (bug #338592; medium) CVE-2005-XXXX [Buffer overflows in Sylpheed''s address book import] @@ -317,7 +317,7 @@ CVE-2005-3350 [libungif buffer overflows] RESERVED {DSA-890-1} - - libungif4 <unfixed> (bug #337972; high) + - libungif4 4.1.3-4 (bug #337972; high) CVE-2005-3349 RESERVED CVE-2005-3348 @@ -1437,7 +1437,7 @@ CVE-2005-2974 [libungif null pointer deref dos] RESERVED {DSA-890-1} - - libungif4 <unfixed> (bug #337972; medium) + - libungif4 4.1.3-4 (bug #337972; medium) CVE-2005-2973 (The udp_v6_get_port function in udp.c in Linux 2.6 before 2.6.14-rc5, ...) - linux-2.6 2.6.13+2.6.14-rc4-0experimental.1 (low) - kernel-source-2.4.27 <unfixed> @@ -3811,7 +3811,7 @@ CVE-2005-2270 (Firefox before 1.0.5 and Mozilla before 1.7.9 does not properly clone ...) {DSA-810-1 DSA-779-2 DSA-781-1 DSA-779-1 DTSA-8-2 DTSA-14-1} - mozilla-firefox 1.0.5-1 (high) - - mozilla 2:1.7.9-1 (high; bug #318062) + - mozilla 2:1.7.9-1 (bug #318062; bug #325851; high) - mozilla-thunderbird 1.0.6-1 (high) CVE-2005-2269 (Firefox before 1.0.5, Mozilla before 1.7.9, and Netscape 8.0.2 does ...) {DSA-810-1 DSA-779-2 DSA-781-1 DSA-779-1 DTSA-8-2 DTSA-14-1} 
@@ -12825,7 +12825,7 @@ NOT-FOR-US: Netscape Directory Server on HP-UX CVE-2004-1235 (Race condition in the (1) load_elf_library and (2) binfmt_aout ...) - linux-2.6 2.6.12-1 (bug #289202; high) - - kernel-source-2.4.27 2.4.27-8 (bug #289202; bug #289708; high) + - kernel-source-2.4.27 2.4.27-8 (bug #289202; bug #289708; bug #291053; high) CVE-2004-1234 (load_elf_binary in Linux before 2.4.26 allows local users to cause a ...) NOTE: fixed after 2.4.25 CVE-2004-1233 (Integer overflow in Gadu-Gadu allows remote attackers to cause a ...) @@ -13734,7 +13734,7 @@ CVE-2004-0884 (The (1) libsasl and (2) libsasl2 libraries in Cyrus-SASL 2.1.18 and ...) {DSA-568-1 DSA-563-3} - cyrus-sasl <removed> - - cyrus-sasl2 2.1.19-1.3 (bug #275431; bug #276865; bug #275432) + - cyrus-sasl2 2.1.19-1.3 (bug #275431; bug #276865; bug #275432; bug #275553) CVE-2004-0883 (Multiple vulnerabilities in the samba filesystem (smbfs) in Linux ...) - kernel-source-2.4.27 2.4.27-6 - kernel-source-2.6.8 2.6.8-13 @@ -17365,7 +17365,7 @@ CVE-2003-0192 (Apache 2 before 2.0.47, and certain versions of mod_ssl for Apache ...) - apache2 2.0.47 CVE-2003-0190 (OpenSSH-portable (OpenSSH) 3.6.1p1 and earlier with PAM support ...) - - ssh 1:3.8.1p1-8.sarge.4 + - ssh 1:3.8.1p1-8.sarge.4 (bug #196413) CVE-2003-0189 (The authentication module for Apache 2.0.40 through 2.0.45 on Unix ...) - apache2 2.0.46 CVE-2003-0188 (lv reads a .lv file from the current working directory, which allows ...) @@ -19928,8 +19928,7 @@ TODO: check - kernel-image-2.4.18-i386 (bug #152152; unimportant) CVE-2002-0703 (An interaction between the Perl MD5 module (perl-Digest-MD5) and Perl ...) - - perl 5.8.0-7 - NOTE: woody seems to be vulnerable, bug #282527 + - perl 5.8.0-7 (bug #282527) CVE-2002-0701 (ktrace in BSD-based operating systems allows the owner of a process ...) NOT-FOR-US: BSD CVE-2002-0700 (Buffer overflow in a system function that performs user authentication ...)
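Review bot: In the CVE-2002-0703 hunk (@@ -19928,8 +19928,7), folding "NOTE: woody seems to be vulnerable, bug #282527" into a bare "(bug #282527)" on the perl line drops the only statement that woody appears affected, so the entry now reads as simply fixed in 5.8.0-7. Suggest keeping the NOTE line next to the new bug reference, or recording the woody status in some other form. The log message "libungif fixed + bugnums" also does not mention that a NOTE was removed, which is worth a word there.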
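Review bot: In the CVE-2003-0190 hunk (@@ -17365,7 +17365,7), the ssh line gains "(bug #196413)" with no severity. The libungif4, mozilla and kernel-source-2.4.27 lines changed in this same commit end their parentheses with one ("medium", "high"). If a severity is known for this entry, add it after the bug number in the same form. The cyrus-sasl2 line in the @@ -13734 hunk has the same gap after its four bug numbers.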