Author: joeyh
Date: 2005-10-20 05:26:45 +0000 (Thu, 20 Oct 2005)
New Revision: 2473
Modified:
data/CVE/list
data/DSA/list
Log:
add fix info
Modified: data/CVE/list
==================================================================---
data/CVE/list 2005-10-20 05:09:05 UTC (rev 2472)
+++ data/CVE/list 2005-10-20 05:26:45 UTC (rev 2473)
@@ -4332,8 +4332,8 @@
CVE-2002-1904 (Buffer overflow in the Log function in util.c in GazTek ghttpd
1.4 ...)
NOT-FOR-US: ghttpd
CVE-2002-1903 (Pine 4.2.1 through 4.4.4 puts Unix usernames and/or uid into
Sender: ...)
- - pine <unfixed> (low)
- TODO: Check, whether this still applies to current version, <unfixed>
for now
+ - pine 4.62-1 (low)
+ NOTE: checked listed version, and it didn''t have the problem
NOTE: non-free
CVE-2002-1902 (CGIForum 1.0 through 1.05 allows remote attackers to cause a
denial of ...)
NOT-FOR-US: CGIForum
Modified: data/DSA/list
==================================================================---
data/DSA/list 2005-10-20 05:09:05 UTC (rev 2472)
+++ data/DSA/list 2005-10-20 05:26:45 UTC (rev 2473)
@@ -24,7 +24,7 @@
NOTE: fixed in testing at time of DSA (woody-only DSA)
[10 Oct 2005] DSA-859-1 xli - buffer overflows
{CVE-2005-3178}
- - xli <unfixed> (medium)
+ - xli 1.17.0-20 (medium)
NOTE: not fixed in testing at time of DSA (unfixed in sid)
[10 Oct 2005] DSA-858-1 xloadimage - buffer overflows
{CVE-2005-3178}