Moritz Muehlenhoff
2005-Oct-28 10:35 UTC
[Secure-testing-commits] r2604 - in data: CVE DSA
Author: jmm-guest
Date: 2005-10-28 10:34:36 +0000 (Fri, 28 Oct 2005)
New Revision: 2604
Modified:
data/CVE/list
data/DSA/list
Log:
new gnump3d dsa
Modified: data/CVE/list
==================================================================---
data/CVE/list 2005-10-27 21:14:18 UTC (rev 2603)
+++ data/CVE/list 2005-10-28 10:34:36 UTC (rev 2604)
@@ -611,10 +611,12 @@
RESERVED
CVE-2005-3124
RESERVED
-CVE-2005-3123
+CVE-2005-3123 [Directory traversal in gnump3d]
RESERVED
-CVE-2005-3122
+ - gnump3d 2.9.6-1
+CVE-2005-3122 [XSS in gnump3d''s 404 page]
RESERVED
+ - gnump3d 2.9.6-1
CVE-2005-3121 (A rule file in module-assistant before 0.9.10 causes a temporary
file ...)
{DSA-867-1}
- module-assistant 0.9.10
Modified: data/DSA/list
==================================================================---
data/DSA/list 2005-10-27 21:14:18 UTC (rev 2603)
+++ data/DSA/list 2005-10-28 10:34:36 UTC (rev 2604)
@@ -1,3 +1,7 @@
+[28 Oct 2005] DSA-877-1 gnump3d - cross-site-scripting, directory traversal
+ {CVE-2005-3122 CVE-2005-3123}
+ [sarge] - gnump3d 2.9.3-1sarge2
+ NOTE: not fixed in testing at time of DSA (unfixed in sid)
[27 Oct 2005] DSA-876-1 lynx-ssl - buffer overflow
{CVE-2005-3120}
[woody] - lynx 2.8.4.1b-3.2