Moritz Muehlenhoff
2006-Jan-13 10:57 UTC
[Secure-testing-commits] r3289 - in data: CVE DSA
Author: jmm-guest Date: 2006-01-13 10:57:06 +0000 (Fri, 13 Jan 2006) New Revision: 3289 Modified: data/CVE/list data/DSA/list Log: two new DSAs Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-01-13 10:36:59 UTC (rev 3288) +++ data/CVE/list 2006-01-13 10:57:06 UTC (rev 3289) @@ -979,7 +979,7 @@ CVE-2002-2208 (Extended Interior Gateway Routing Protocol (EIGRP), as implemented in ...) NOT-FOR-US: IOS CVE-2005-4348 (fetchmail before 6.3.1 and before 6.2.5.5, when configured for ...) - - fetchmail <unfixed> (bug #343836; low) + - fetchmail 6.3.1-1 (bug #343836; low) CVE-2005-4418 [Default policy in util-vserver prior to 0.30.208 trusted unknown capabilities] RESERVED - util-vserver 0.30.208-1 @@ -2812,6 +2812,7 @@ RESERVED {DSA-938-1 DSA-937-1 DSA-936-1 DSA-932-1 DSA-931-1} - kdegraphics 3.5.0-3 + - gpdf <unfixed> - xpdf 3.01-4 - koffice 1:1.4.2-6 (bug #342294) - libextractor 0.5.9-1 @@ -2819,6 +2820,7 @@ {DSA-938-1 DSA-937-1 DSA-936-1 DSA-932-1 DSA-931-1} - poppler 0.4.3-2 - kdegraphics 3.5.0-3 + - gpdf <unfixed> - xpdf 3.01-4 - koffice 1:1.4.2-6 (bug #342294) - libextractor 0.5.9-1 @@ -2827,6 +2829,7 @@ - poppler 0.4.3-2 - kdegraphics 3.5.0-3 - xpdf 3.01-4 + - gpdf <unfixed> - koffice 1:1.4.2-6 (bug #342294) - libextractor 0.5.9-1 CVE-2005-3625 (Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, ...) @@ -2834,11 +2837,13 @@ - poppler 0.4.3-2 - kdegraphics 3.5.0-3 - xpdf 3.01-4 + - gpdf <unfixed> - koffice 1:1.4.2-6 (bug #342294) - libextractor 0.5.9-1 CVE-2005-3624 (The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, ...) {DSA-938-1 DSA-937-1 DSA-936-1 DSA-932-1 DSA-931-1} - poppler 0.4.3-2 + - gpdf <unfixed> - kdegraphics 3.5.0-3 - xpdf 3.01-4 - koffice 1:1.4.2-6 (bug #342294) Modified: data/DSA/list ==================================================================--- data/DSA/list 2006-01-13 10:36:59 UTC (rev 3288) +++ data/DSA/list 2006-01-13 10:57:06 UTC (rev 3289) 
@@ -1,3 +1,12 @@ +[13 Jan 2006] DSA-940-1 gpdf - buffer overflows + {CVE-2005-3191 CVE-2005-3192 CVE-2005-3624 CVE-2005-3625 CVE-2005-3626 CVE-2005-3627 CVE-2005-3628} + [sarge] - gpdf 2.8.2-1.2sarge2 + NOTE: Not fixed in testing at time of DSA (waiting on dep) +[13 Jan 2006] DSA-939-1 fetchmail - programming error + {CVE-2005-4348} + [woody] - fetchmail <not-affected> (Vulnerable code not present) + [sarge] - fetchmail 6.2.5-12sarge4 + NOTE: Not fixed in testing at time of DSA (unfixed in sid) [12 Jan 2006] DSA-938-1 koffice - buffer overflows {CVE-2005-3191 CVE-2005-3624 CVE-2005-3625 CVE-2005-3626 CVE-2005-3627 CVE-2005-3628} [sarge] - koffice 1.3.5-4.sarge.2
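Review bot: In the data/DSA/list hunk, the DSA-939-1 line `NOTE: Not fixed in testing at time of DSA (unfixed in sid)` disagrees with the data/CVE/list hunk at -979 of this same revision, which changes CVE-2005-4348 from `- fetchmail <unfixed> (bug #343836; low)` to `- fetchmail 6.3.1-1 (bug #343836; low)`. One of the two should change: either reword the parenthetical so it no longer says the package is unfixed in sid, or keep the CVE entry at `<unfixed>` until the fixed upload is confirmed. As committed, a reader cannot tell from the two files whether sid carries the fix.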
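Review bot: The five added `- gpdf <unfixed>` lines in data/CVE/list do not cover everything DSA-940-1 claims and are placed inconsistently. DSA-940-1 in the data/DSA/list hunk lists seven CVE ids, while only five entries gain a gpdf line here, so please confirm the other two entries already carry one. The new line sits after kdegraphics in the -2812 and -2819 hunks, after xpdf in the -2827 hunk and the first addition of the -2834 hunk, and directly after poppler under CVE-2005-3624; choosing one position for all of them would make later edits to these near-identical blocks less error-prone. The neighbouring koffice lines carry a bug reference (`bug #342294`) and the gpdf lines carry none, so if a bug is filed for gpdf it is worth adding. The `{DSA-938-1 DSA-937-1 DSA-936-1 DSA-932-1 DSA-931-1}` context lines also do not mention DSA-940-1; if that cross-reference is not regenerated automatically, it needs updating as well.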