Author: jmm-guest Date: 2005-12-07 15:47:07 +0000 (Wed, 07 Dec 2005) New Revision: 2973 Modified: data/CVE/list Log: correct libnet-server-perl/format string fix Modified: data/CVE/list ==================================================================--- data/CVE/list 2005-12-07 15:00:30 UTC (rev 2972) +++ data/CVE/list 2005-12-07 15:47:07 UTC (rev 2973) @@ -10429,7 +10429,10 @@ CVE-2005-1128 (Multiple SQL injection vulnerabilities in VHCS 2.4 and earlier allow ...) NOT-FOR-US: VHCS CVE-2005-1127 (Format string vulnerability in the log function in Net::Server 0.87 ...) - - libnet-server-perl 0.89-1 + - libnet-server-perl 0.87-1 + NOTE: This was already fixed in 0.87-1, although the changelog doesn''t mention + NOTE: the security implication, which was noticed later. I''ve verified both fixes + NOTE: are identical CVE-2005-1126 (The SIOCGIFCONF ioctl (ifconf function) in FreeBSD 4.x through 4.11 ...) NOT-FOR-US: Free BSD CVE-2005-1125 (Race condition in libsafe 2.0.16 and earlier, when running in ...)