Moritz Muehlenhoff
2005-Nov-22 14:24 UTC
[Secure-testing-commits] r2827 - in data: CVE DSA
Author: jmm-guest
Date: 2005-11-22 14:23:38 +0000 (Tue, 22 Nov 2005)
New Revision: 2827
Modified:
data/CVE/list
data/DSA/list
Log:
more DSA conversions
Modified: data/CVE/list
==================================================================---
data/CVE/list 2005-11-22 11:56:15 UTC (rev 2826)
+++ data/CVE/list 2005-11-22 14:23:38 UTC (rev 2827)
@@ -1703,19 +1703,15 @@
- php5 5.0.5-2 (low)
- php4 4:4.4.0-3 (low)
CVE-2005-3180 (The Orinoco driver (orinoco.c) in Linux kernel 2.6.13 and
earlier does ...)
- - linux-2.6 2.6.12-11 (medium)
- NOTE: Might as well be 2.6.13-2, depending on the next upload
+ - linux-2.6 2.6.13+2.6.14-rc4-0experimental.1 (medium)
- kernel-source-2.4.27 2.4.27-12 (medium)
- NOTE: CVE requested
CVE-2005-3119 (Memory leak in the request_key_auth_destroy function in ...)
- linux-2.6 2.6.13-2 (low)
- kernel-source-2.4.27 <not-affected>
NOTE: 2.6.12 itself not affected, fixed in SVN
CVE-2005-3179 (drm.c in Linux kernel 2.6.10 to 2.6.13 creates a debug file in
sysfs ...)
- - linux-2.6 2.6.12-11 (medium)
- NOTE: Might as well be 2.6.13-2, depending on the next upload
+ - linux-2.6 2.6.13+2.6.14-rc4-0experimental.1 (medium)
- kernel-source-2.4.27 <not-affected>
- NOTE: CVE requested
CVE-2005-XXXX [DoS vulnerability in msg id parsing of spampd]
- spampd <unfixed> (bug #332259; low)
CVE-2005-3178 (Buffer overflow in xloadimage 4.1 and earlier, and xli, might
allow ...)
@@ -16980,7 +16976,7 @@
- proftpd 1.2.9-1
CVE-2003-0830 (Buffer overflow in marbles 1.0.2 and earlier allows local users
to ...)
{DSA-390}
- NOTE: marbles package not in testing or unstable
+ - marbles <removed>
CVE-2003-0829
RESERVED
CVE-2003-0828 (Buffer overflow in freesweep in Debian GNU/Linux 3.0 allows
local ...)
@@ -17031,7 +17027,7 @@
NOT-FOR-US: microsoft
CVE-2003-0805 (Multiple buffer overflows in UMN gopher daemon (gopherd) 2.x and
3.x ...)
{DSA-387}
- NOTE: gopherd not in testing or unstable (deprecated)
+ - gopher <not-affected> (gopherd was removed in 3.0.6)
CVE-2003-0804 (The arplookup function in FreeBSD 5.1 and earlier, Mac OS X
before ...)
NOT-FOR-US: BSD
CVE-2003-0803 (Nokia Electronic Documentation (NED) 5.0 allows remote attackers
to ...)
@@ -17073,10 +17069,12 @@
- ssh 1:3.7.1p2
CVE-2003-0785 (ipmasq before 3.5.12, in certain configurations, may forward
packets ...)
{DSA-389}
+ - ipmasq 3.5.12
CVE-2003-0784 (Format string vulnerability in tsm for the bos.rte.security
fileset on ...)
NOT-FOR-US: IBM TSM
CVE-2003-0783 (Multiple buffer overflows in hztty 2.0 allow local users to gain
root ...)
{DSA-385}
+ - hztty 2.0-6
CVE-2003-0782 (Multiple buffer overflows in ecartis before 1.0.0 allow
attackers to ...)
{DSA-467}
- ecartis 1.0.0+cvs.20030911
@@ -17266,11 +17264,13 @@
- openssh 1:3.6.1p2-6.0
CVE-2003-0692 (KDM in KDE 3.1.3 and earlier uses a weak session cookie
generation ...)
{DSA-388}
+ - kdebase 4:3.2
CVE-2003-0691
RESERVED
CVE-2003-0690 (KDM in KDE 3.1.3 and earlier does not verify whether the
pam_setcred ...)
{DSA-443 DSA-388}
- xfree86 4.3.0-0pre1v2
+ - kdebase 4:3.2
CVE-2003-0689 (The getgrouplist function in GNU libc (glibc) 2.2.4 and earlier
allows ...)
- glibc 2.2.5
CVE-2003-0688 (The DNS map code in Sendmail 8.12.8 and earlier, when using the
...)
@@ -20385,7 +20385,7 @@
NOT-FOR-US: Alcatel
CVE-2002-1271 (The Mail::Mailer Perl module in the perl-MailTools package 1.47
and ...)
{DSA-386}
- - libmailtools-perl 1.51
+ - libmailtools-perl 1.51 (bug #168381)
CVE-2002-1270 (Mac OS X 10.2.2 allows local users to read files that only allow
write ...)
NOT-FOR-US: Mac OS X
CVE-2002-1268 (Mac OS X 10.2.2 allows local users to gain privileges via a
mounted ...)
Modified: data/DSA/list
==================================================================---
data/DSA/list 2005-11-22 11:56:15 UTC (rev 2826)
+++ data/DSA/list 2005-11-22 14:23:38 UTC (rev 2827)
@@ -2019,28 +2019,28 @@
[woody] - openssl 0.9.6c-2.woody.4
[29 Sep 2003] DSA-392 webfs - buffer overflows, file and directory exposure
{CVE-2003-0832 CVE-2003-0833}
- - webfs 1.20
+ [woody] - webfs 1.17.2
[28 Sep 2003] DSA-391 freesweep - buffer overflow
{CVE-2003-0828}
- - freesweep 0.88-4.1
+ [woody] - freesweep 0.88-4woody1
[26 Sep 2003] DSA-390 marbles - buffer overflow
{CVE-2003-0830}
- NOTE: not present in sid, sarge
+ [woody] - marbles 1.0.2-1woody1
[20 Sep 2003] DSA-389 ipmasq - insecure packet filtering rules
{CVE-2003-0785}
- - ipmasq 3.5.12
+ [woody] - ipmasq 3.5.10c
[19 Sep 2003] DSA-388 kdebase - several vulnerabilities
{CVE-2003-0690 CVE-2003-0692}
- - kdebase 4:3.2
+ [woody] - kdebase 4:2.2.2-14.7
[18 Sep 2003] DSA-387 gopher - buffer overflows
{CVE-2003-0805}
- - gopher 3.0.6
+ [woody] - gopher 3.0.3woody1
[18 Sep 2003] DSA-386 libmailtools-perl - input validation bug
{CVE-2002-1271}
- - libmailtools-perl 1.51 (bug #168381)
+ [woody] - libmailtools-perl 1.44-1woody1
[18 Sep 2003] DSA-385 hztty - buffer overflows
{CVE-2003-0783}
- - hztty 2.0-6
+ [woody] - hztty 2.0-5.2woody1
[17 Sep 2003] DSA-384 sendmail - buffer overflows
{CVE-2003-0681 CVE-2003-0694}
- sendmail 8.12.10-1