thr3ads.net - Secure testing commits - [Secure-testing-commits] r2840

If this information is useful, please help other people find it:
Share via:

Moritz Muehlenhoff

2005-Nov-23 09:58 UTC

[Secure-testing-commits] r2840 - data/CVE

Author: jmm-guest
Date: 2005-11-23 09:57:34 +0000 (Wed, 23 Nov 2005)
New Revision: 2840

Modified:
   data/CVE/list
Log:
new potential kernel issues
bugnums


Modified: data/CVE/list
==================================================================---
data/CVE/list	2005-11-23 09:19:04 UTC (rev 2839)
+++ data/CVE/list	2005-11-23 09:57:34 UTC (rev 2840)
@@ -1,3 +1,6 @@
+CVE-2005-XXXX [Two potential netfilter DoS issues]
+	- linux-2.6 <unfixed>
+	NOTE: Pinged Horms/dannf
 CVE-2005-3759 [XSS in horde3]
 	- horde3 3.0.7-1 (bug #340323; medium)
 CVE-2004-2569 [Insecure temp file in ipmenu]
@@ -1692,7 +1695,7 @@
 	RESERVED
 CVE-2005-3186 (Integer overflow in the GTK+ gdk-pixbuf XPM image rendering
library in ...)
 	- gtk+2.0 2.6.10-2 (bug #339431; medium)
-	- gdk-pixbuf 0.22.0-11 (bug #339431; medium)
+	- gdk-pixbuf 0.22.0-11 (bug #339431; bug #339458; medium)
 CVE-2005-3184 (Buffer overflow vulnerability in the unicode_to_bytes in the
Service ...)
 	- ethereal <unfixed> (bug #334880; medium)
 CVE-2005-3183 (The HTBoundary_put_block function in HTBound.c for W3C libwww
...)
@@ -9655,7 +9658,7 @@
 	NOT-FOR-US: Sumus web server
 CVE-2005-1109 (The filtering of URLs in JunkBuster before 2.0.2-r3 allows
remote ...)
 	{DSA-713-1}
-	- junkbuster <removed>
+	- junkbuster <removed> (bug #304793)
 	NOTE: checked privoxy, is not vulnerable
 CVE-2005-1108 (The ij_untrusted_url function in JunkBuster 2.0.2-r2, with ...)
 	{DSA-713-1}
@@ -20189,14 +20192,9 @@
 CVE-2002-1476 (Buffer overflow in setlocale in libc on NetBSD 1.4.x through
1.6, and ...)
 	NOT-FOR-US: NetBSD
 CVE-2002-1472 (libX11.so in xfree86, when used in setuid or setgid programs,
allows ...)
-	- xfree86 4.2.1-1
-	NOTE: Accordong to http://www.securityfocus.com/bid/5735/info/
-	NOTE: woody is still vulnerable
-	NOTE: open bug #280872
+	- xfree86 4.2.1-1 (bug #280872)
 CVE-2002-1471 (The camel component for Ximian Evolution 1.0.x and earlier does
not ...)
-	- evolution 1.2.0-1
-	NOTE: woody seems to be still vulnerable
-	NOTE: open bug #280883
+	- evolution 1.2.0-1 (bug #280883)
 CVE-2002-1469 (scponly does not properly verify the path when finding the (1)
scp or ...)
 	- scponly 3.8-1
 	NOTE: according to http://sublimation.org/scponly/ (scponly home page)

Secure testing commits - Nov 2005 - r2840 - data/CVE

[Secure-testing-commits] r2840 - data/CVE