Author: jmm-guest Date: 2006-02-14 23:10:22 +0000 (Tue, 14 Feb 2006) New Revision: 3482 Modified: data/CVE/list Log: hcidump, gnutls new mantis issues (sigh) binutils not-affected Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-02-14 22:42:10 UTC (rev 3481) +++ data/CVE/list 2006-02-14 23:10:22 UTC (rev 3482) @@ -13,7 +13,7 @@ CVE-2006-0671 (Buffer overflow in Sony Ericsson K600i, V600i, W800i, and T68i cell ...) TODO: check CVE-2006-0670 (Buffer overflow in l2cap.c in hcidump 1.29 allows remote attackers to ...) - TODO: check + - bluez-hcidump <unfixed> (bug #351881) CVE-2006-0669 (Multiple SQL injection vulnerabilities in archive.asp in GA''s Forum ...) TODO: check CVE-2006-0668 (SQL injection vulnerability in index.php in PwsPHP 1.2.3 allows remote ...) @@ -23,9 +23,11 @@ CVE-2006-0666 RESERVED CVE-2006-0665 (Unspecified vulnerability in (1) query_store.php and (2) ...) - TODO: check + - mantis 0.19.4-3 + [woody] - mantis <not-affected> (Complete rewrite in 0.19) CVE-2006-0664 (Cross-site scripting (XSS) vulnerability in config_defaults_inc.php in ...) - TODO: check + - mantis 0.19.4-3 + [woody] - mantis <not-affected> (Complete rewrite in 0.19) CVE-2006-0663 (Multiple cross-site scripting (XSS) vulnerabilities in Lotus Domino ...) TODO: check CVE-2006-0662 (Cross-site scripting (XSS) vulnerability in Lotus Domino iNotes Client ...) 
@@ -61,9 +63,11 @@ CVE-2006-0647 (LDAP service in Sun Java System Directory Server 5.2, running on Linux ...) TODO: check CVE-2006-0646 (ld in SUSE Linux 9.1 through 10.0, and SLES 9, in certain ...) - TODO: check + - binutils <not-affected> (SuSE specific vulnerability) CVE-2006-0645 (Tiny ASN.1 Library (libtasn1) before 0.2.18, as used by (1) GnuTLS ...) - TODO: check + - libtasn1-2 <unfixed> (bug #352182) + - libtasn1-0 <unfixed> (bug #352188) + - gnutls <unfixed> CVE-2005-4715 (Multiple SQL injection vulnerabilities in modules.php in PHP-Nuke 7.8, ...) TODO: check CVE-2005-4714 (Format string vulnerability in the vmps_log function in OpenVMPS (VLAN ...) @@ -81,10 +85,6 @@ - dpkg-sig <unfixed> (bug #352723; medium) CVE-2006-XXXX [pyblosxom remote file disclosure] - pyblosxom 1.3.2-1 (high) -CVE-2006-XXXX [gnutls/tasn remote DoS] - - libtasn1-2 <unfixed> (bug #352182) - - libtasn1-0 <unfixed> (bug #352188) - - gnutls <unfixed> CVE-2006-XXXX [Wordpress XSS] - wordpress 2.0.1-1 (bug #328909) CVE-2006-XXXX [pioneers meta-server DoS] @@ -251,8 +251,6 @@ NOT-FOR-US: Outblaze CVE-2006-0567 (Directory traversal vulnerability in Files Xaraya module before 0.5.1, ...) NOT-FOR-US: Xaraya -CVE-2006-XXXX [bluez-hcidump DoS] - - bluez-hcidump <unfixed> (bug #351881) CVE-2006-0566 (The LDAP component in CommuniGate Pro Core Server 5.0.7 allows remote ...) NOT-FOR-US: Communigate Pro CVE-2006-0565 (PHP remote file include vulnerability in inc/backend_settings.php in ...)
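Review bot: the line added under CVE-2006-0670 in the @@ -13,7 hunk carries no urgency, while other entries in this file do, e.g. `- dpkg-sig <unfixed> (bug #352723; medium)`. The placeholder removed at @@ -251,8 labelled this issue a DoS, but the CVE summary describes a buffer overflow in l2cap.c reachable by remote attackers. Suggest recording an urgency next to the bug number once the impact has been assessed, so the entry does not silently inherit the old DoS classification.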
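Review bot: in the @@ -23,9 hunk, `[woody] - mantis <not-affected> (Complete rewrite in 0.19)` is applied to CVE-2006-0665, whose summary is an "Unspecified vulnerability" in query_store.php and a second, elided file. The rewrite argument would be easier to verify if the comment stated, where that is the case, that the named files do not exist in the woody version. The two `- mantis 0.19.4-3` lines also carry no bug reference or urgency, unlike the other entries touched in this commit.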
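Review bot: in the @@ -61,9 hunk, `- gnutls <unfixed>` under CVE-2006-0645 has no bug reference, while both libtasn1 lines do (#352182 and #352188). The line is carried over unchanged from the placeholder removed at @@ -81,10. Suggest adding a bug number or a short comment on how gnutls is affected (the CVE summary lists GnuTLS as a user of libtasn1), so the gnutls entry can be tracked and closed independently of the libtasn1 packages.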