Author: jmm-guest Date: 2006-02-17 10:46:55 +0000 (Fri, 17 Feb 2006) New Revision: 3500 Modified: data/CVE/list Log: migration-tools CVEfied and fixed new imagemagick issue update on freebsd for kfreebsd port Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-02-16 13:54:08 UTC (rev 3499) +++ data/CVE/list 2006-02-17 10:46:55 UTC (rev 3500) @@ -1,3 +1,5 @@ +CVE-2006-XXXX [imagemagick: array index overflow in DisplayImageCommand] + - imagemagick 6:6.2.4.5-0.6 (bug #345595) CVE-2006-0735 (Cross-site scripting (XSS) vulnerability in My Blog before 1.65 allows ...) TODO: check CVE-2006-0734 (Unspecified vulnerability in Valve Software Half-Life CSTRIKE ...) @@ -519,7 +521,7 @@ CVE-2006-0513 (Directory traversal vulnerability in pkmslogout in Tivoli Web Server ...) NOT-FOR-US: Tivoli CVE-2006-0512 (PADL MigrationTools 46 creates temporary files insecurely, which ...) - NOT-FOR-US: PADL MigrationTools + - migrationtools 46-2.1 (bug #338920; medium) CVE-2006-0511 (** DISPUTED ** Blackboard Academic Suite 6.0 and earlier does not ...) NOT-FOR-US: Blackboard Academic Suite CVE-2006-0510 (SQL injection vulnerability in userlogin.jsp in Daffodil CRM 1.5 ...) @@ -668,7 +670,7 @@ CVE-2005-4684 (Konqueror can associate a cookie with multiple domains when the DNS ...) TODO: check CVE-2005-4683 (PADL MigrationTools 46, when a failure occurs, stores contents of ...) - TODO: check + - migrationtools 46-2.1 (bug #338920; medium) CVE-2005-4682 (Cross-site scripting (XSS) vulnerability in error.asp in AudienceView ...) TODO: check CVE-2005-4681 (** DISPUTED ** Buffer overflow in mIRC 5.91, 6.03, 6.12, and 6.16 ...) 
@@ -892,11 +894,11 @@ CVE-2006-0382 (Apple Mac OS X 10.4.5 and allows local users to cause a denial of ...) TODO: check CVE-2006-0381 (A logic error in the IP fragment cache functionality in pf in FreeBSD ...) - NOT-FOR-US: pf on Free BSD and Open BSD + - kfreebsd-5 5.4-14 CVE-2006-0380 (A logic error in FreeBSD kernel 5.4-STABLE and 6.0 causes the kernel ...) - NOT-FOR-US: FreeBSD + NOT-FOR-US: FreeBSD, possibly affects kfreebsd-5 CVE-2006-0379 (FreeBSD kernel 5.4-STABLE and 6.0 does not completely initialize a ...) - NOT-FOR-US: FreeBSD + NOT-FOR-US: FreeBSD, possibly affects kfreebsd-5 CVE-2006-0378 (Cross-site scripting (XSS) vulnerability in Netrix X-Site Manager ...) NOT-FOR-US: Netrix X-Site Manager CVE-2006-0377 @@ -4852,8 +4854,6 @@ CVE-2005-3857 (The time_out_leases function in locks.c for Linux kernel before ...) - linux-2.6 2.6.14-4 (low) - kernel-source-2.4.27 2.4.27-13 (low) -CVE-2005-XXXX [Insecure temp file usage in migrationtools] - - migrationtools <unfixed> (bug #338920; medium) CVE-2005-XXXX [user logout in drupal has no effect] [sarge] - drupal <not-affected> (bug was introduced after 4.5.3) - drupal 4.5.5-3 (bug #336719; medium)
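Review bot: The new CVE-2006-XXXX imagemagick entry in the first hunk (@@ -1,3 +1,5 @@) carries only `(bug #345595)` with no urgency, while the migrationtools lines added in this same commit use the form `(bug #338920; medium)`. Consider adding an urgency to the parenthetical so the entry is triaged like its neighbours. The entry is also filed under a placeholder ID, so it will need renaming once a CVE name is assigned.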
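Review bot: CVE-2006-0512 and CVE-2005-4683 (hunks @@ -519,7 +521,7 @@ and @@ -668,7 +670,7 @@) have different descriptions, "creates temporary files insecurely" versus "when a failure occurs, stores contents of ...", yet both receive the identical line `- migrationtools 46-2.1 (bug #338920; medium)`. The placeholder removed in the last hunk tracked only "Insecure temp file usage" and was still `<unfixed>`. Please confirm that 46-2.1 addresses both behaviours, or leave CVE-2005-4683 at `TODO: check` until that is verified.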
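Review bot: In the @@ -892,11 +894,11 @@ hunk, CVE-2006-0380 and CVE-2006-0379 remain `NOT-FOR-US` while the added text says "possibly affects kfreebsd-5", the same package the neighbouring CVE-2006-0381 line now tracks. A NOT-FOR-US tag with an open question attached is easy to overlook; `TODO: check` or a `- kfreebsd-5 <unfixed>` line would keep both entries visible until the question is settled. The CVE-2006-0381 line `- kfreebsd-5 5.4-14` also has no bug reference or urgency, unlike the other package lines added in this commit.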