Secure testing commits - Jan 2006 - r3235 - data/CVE

Author: micah
Date: 2006-01-05 22:34:37 +0000 (Thu, 05 Jan 2006)
New Revision: 3235

Modified:
   data/CVE/list
Log:
More sarge false-positive checks, none found


Modified: data/CVE/list
==================================================================---
data/CVE/list	2006-01-05 22:02:11 UTC (rev 3234)
+++ data/CVE/list	2006-01-05 22:34:37 UTC (rev 3235)
@@ -163,6 +163,7 @@
 	NOTE: This affects Woody and Sarge
 CVE-2005-4584 (BZFlag server 2.0.4 and earlier allows remote attackers to cause
a ...)
 	- bzflag <unfixed> (bug #345245; low)
+	NOTE: Sarge and Woody affected
 CVE-2005-4583 (Unspecified vulnerability in the Management Interface in VMware
ESX ...)
 	NOT-FOR-US: VMWare
 CVE-2005-4582 (Electric Sheep 2.6.3 does not require authentication or
integrity ...)
@@ -1815,6 +1816,7 @@
 	{DTSA-23-1}
 	- centericq 4.21.0-6 (bug #340959; medium)
 	TODO: Check orpheus and motor
+	NOTE: This affects Sarge and Woody centericq
 CVE-2005-3862 (Buffer overflow in unalz before 0.53 allows remote attackers to
...)
 	- unalz <unfixed> (bug #340842; medium)
 CVE-2005-3861 (PHP remote file inclusion vulnerability in content.php in
phpGreetz ...)
@@ -12571,7 +12573,8 @@
 	- linux-2.6 <not-affected> (Fixed before upload into archive)
 	[sarge] - kernel-source-2.6.8 <not-affected> (Not vulnerable, see
#306137)
 CVE-2005-0866 (cdrecord before 4:2.0, when DEBUG is enabled, allows local users
to ...)
-	- cdrtools 4:2.01+01a01-4
+	- cdrtools 4:2.01+01a01-4 (bug #291376)
+	NOTE: Sarge and Woody affected
 CVE-2004-1771 (Scalable OGo (SOGo) 1.0 allows remote authenticated users to
bypass ...)
 	NOT-FOR-US: Scalable OGo (SOGo)
 CVE-2002-1628 (Directory traversal vulnerability in vote.cgi for Mike Spice
Mike''s ...)
@@ -12877,6 +12880,7 @@
 	NOTE: see http://bugs.gentoo.org/show_bug.cgi?id=90626
 	- gzip 1.3.5-10
 	- bzip2 1.0.2-8.1 (bug #321286; medium)
+	NOTE: Sarge and Woody bzip2 are both affected, gzip only affected in Woody
(has new enough version in Sarge)
 CVE-2005-0757 (The xattr file system code, as backported in Red Hat Enterprise
Linux ...)
 	{DSA-922-1 DSA-921-1}
 	- kernel-source-2.4.27 2.4.27-11 (bug #311164)