Author: joeyh
Date: 2005-09-12 21:14:17 +0000 (Mon, 12 Sep 2005)
New Revision: 1942
Modified:
data/CAN/list
data/CVE/list
Log:
automatic CAN database update
Modified: data/CAN/list
==================================================================---
data/CAN/list 2005-09-12 20:15:08 UTC (rev 1941)
+++ data/CAN/list 2005-09-12 21:14:17 UTC (rev 1942)
@@ -348,7 +348,7 @@
CAN-2005-2701
NOTE: reserved
CAN-2005-2700 (ssl_engine_kernel.c in mod_ssl before 2.8.24, when using ...)
- {DSA-805-1}
+ {DSA-807-1 DSA-805-1}
- libapache-mod-ssl 2.8.24-1 (medium)
- apache2 2.0.54-5 (bug #327210; medium)
CAN-2005-2699 (admin/admin.php in PHPKit 1.6.1 allows remote authenticated ...)
@@ -1565,6 +1565,7 @@
CAN-2005-2412 (PHP remote file inclusion vulnerability in block.php in PHP
FirstPost ...)
NOTE: not-for-us (First Post)
CAN-2005-2411 (Cross-Site Request Forgery (CSRF) vulnerability in tDiary 2.1.1,
and ...)
+ {DSA-808-1}
- tdiary 2.0.2-1 (medium)
CAN-2005-2410 (Format string vulnerability in the nm_info_handler function in
Network ...)
NOTE: not-for-us (Network Manager)
@@ -11225,6 +11226,7 @@
CAN-2004-1143 (The password generation in mailman before 2.1.5 generates only 5
...)
- mailman 2.1.5-5
CAN-2004-1142 (Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a
...)
+ {DSA-613-1}
- ethereal 0.10.8
CAN-2004-1141 (The HTTP dissector in Ethereal 0.10.1 through 0.10.7 allows
remote ...)
- ethereal 0.10.8
@@ -12501,9 +12503,9 @@
CAN-2004-0596 (The Equalizer Load-balancer for serial network interfaces
(eql.c) in ...)
NOTE: Fixed in upstream ( <= 2.6.7)
CAN-2004-0595 (The strip_tags function in PHP 4.x up to 4.3.7, and 5.x up to
...)
- {DSA-689-1 DSA-531}
+ {DSA-669-1 DSA-531}
CAN-2004-0594 (The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x
up to ...)
- {DSA-689-1 DSA-531}
+ {DSA-669-1 DSA-531}
CAN-2004-0593 (Sygate Enforcer 3.5MR1 and earlier passes broadcast traffic
before ...)
NOTE: not-for-us (Sygate Enforcer)
CAN-2004-0592
Modified: data/CVE/list
==================================================================---
data/CVE/list 2005-09-12 20:15:08 UTC (rev 1941)
+++ data/CVE/list 2005-09-12 21:14:17 UTC (rev 1942)
@@ -1,3 +1,6 @@
+CVE-2002-1412
+ {DSA-138}
+ TODO: check
CVE-2004-0356
NOTE: not-for-us (windows mta)
CVE-2004-0347
Florian Weimer
2006-Mar-13 12:28 UTC
[Secure-testing-team] Re: [Secure-testing-commits] r1942 - in data: CAN CVE
* Joey Hess:> +CVE-2002-1412 > + {DSA-138} > + TODO: checkWe already have more data on this one: CAN-2002-1412 {DSA-138} - gallery 1.3-3 How shall we deal with such conflicts in the future?
Moritz Muehlenhoff
2006-Mar-13 12:28 UTC
[Secure-testing-team] Re: [Secure-testing-commits] r1942 - in data: CAN CVE
Florian Weimer wrote:> * Joey Hess: > > > +CVE-2002-1412 > > + {DSA-138} > > + TODO: check > > We already have more data on this one: > > CAN-2002-1412 > {DSA-138} > - gallery 1.3-3 > > How shall we deal with such conflicts in the future?This will no longer be an issue after the MITRE reorg next month. Cheers, Moritz