Author: jmm-guest Date: 2006-01-05 00:19:28 +0000 (Thu, 05 Jan 2006) New Revision: 3230 Modified: data/CVE/list Log: three no-dsa issues Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-01-05 00:01:30 UTC (rev 3229) +++ data/CVE/list 2006-01-05 00:19:28 UTC (rev 3230) @@ -647,6 +647,7 @@ - phpbb2 <unfixed> (unimportant) CVE-2005-4357 (Cross-site scripting (XSS) vulnerability in phpBB 2.0.18, when ...) - phpbb2 <unfixed> (bug #344674; low) + [sarge] - phpbb2 <no-dsa> (Affects only an inherently unsafe option only suitable for trusted users) NOTE: According to the maintainer only affects a config option that is strongly NOTE: discouraged due to potential security problems CVE-2005-4356 (SQL injection vulnerability in UStore allows remote attackers to ...) @@ -15703,6 +15704,8 @@ CVE-2005-0023 (gnome-pty-helper in GNOME libzvt2 and libvte4 allows local users to ...) - gnome-libs <unfixed> (bug #329156; low) - vte <unfixed> (bug #330907; low) + [sarge] - vte <no-dsa> (Not considered a security problem, see #329156) + [sarge] - gnome-libs <no-dsa> (Not considered a security problem, see #329156) CVE-2005-0022 (Buffer overflow in the spa_base64_to_bits function in Exim before ...) - exim4 4.34-10 CVE-2005-0021 (Multiple buffer overflows in Exim before 4.43 may allow attackers to ...)