Author: jmm-guest Date: 2005-11-21 09:22:48 +0000 (Mon, 21 Nov 2005) New Revision: 2807 Modified: data/CVE/list Log: another openswan issue fixed claim new block Modified: data/CVE/list ==================================================================--- data/CVE/list 2005-11-21 09:14:21 UTC (rev 2806) +++ data/CVE/list 2005-11-21 09:22:48 UTC (rev 2807) @@ -1,3 +1,4 @@ +begin claimed by jmm CVE-2005-3731 (Unspecified vulnerability in yaSSL before 1.0.6 has unknown impact and ...) TODO: check CVE-2005-3730 (Multiple cross-site scripting (XSS) vulnerabilities in ...) @@ -102,6 +103,7 @@ TODO: check CVE-2005-3665 RESERVED +end claimed by jmm CVE-2004-2558 (Unspecified vulnerability in IBM Tivoli SecureWay Policy Director 3.8, ...) TODO: check CVE-2004-2557 (NetGear WG602 (aka WG602v1) Wireless Access Point 1.7.14 has a ...) @@ -832,7 +834,8 @@ CVE-2005-3621 (CRLF injection vulnerability in phpMyAdmin before 2.6.4-pl4 allows ...) - phpmyadmin 4:2.6.4-pl4-1 (bug #339437; medium) CVE-2005-XXXX [openswan isakmp dos] - - openswan 1:2.4.3-1 (bug #339082; medium) + - openswan 1:2.4.4-1 (bug #339082; medium) + NOTE: Initial 2.4.3 didn''t fix all the issues from the NISCC report TODO: Keep an eye on ipsec-tools''s upstream, it''s potentially affected as well CVE-2005-XXXX [Two unspecified issues in non-free rar] - rar <unfixed> (bug #339077; unknown) @@ -2130,7 +2133,7 @@ - imview <unfixed> (bug #326971; unknown) TODO: Needs further evaluation CVE-2005-XXXX [ Chroot escape in vserver kernel patch] - - kernel-patch-vserver 2.1 (bug #329087; medium) + - kernel-patch-vserver 2.1 (bug #329087; bug #329090; medium) [sarge] - kernel-patch-vserver 1.9.5.4 CVE-2005-XXXX [Local kernel DoS through incorrect boundary checks in cipher processors] - linux-2.6 2.6.12-7 (low)