Secure testing commits - Feb 2006 - r3544 - data/CVE

Author: jmm-guest
Date: 2006-02-26 21:53:35 +0000 (Sun, 26 Feb 2006)
New Revision: 3544

Modified:
   data/CVE/list
Log:
bugnums


Modified: data/CVE/list
==================================================================---
data/CVE/list	2006-02-26 21:44:25 UTC (rev 3543)
+++ data/CVE/list	2006-02-26 21:53:35 UTC (rev 3544)
@@ -149,7 +149,7 @@
 CVE-2004-2654 (The clientAbortBody function in client_side.c in Squid Web Proxy
Cache ...)
 	TODO: check
 CVE-2006-XXXX [three issues in bugzilla]
-	- bugzilla <unfixed> (bug filed)
+	- bugzilla <unfixed> (bug #354457)
 	[woody] - bugzilla <not-affected> (Only 2.17 and above are affected)
 	[sarge] - bugzilla <not-affected> (Only 2.17 and above are affected)
 CVE-2006-XXXX [cherrypy2 information disclosure]
@@ -273,7 +273,7 @@
 CVE-2006-0753 (Memory leak in Microsoft Internet Explorer 6 for Windows XP
Service ...)
 	TODO: check
 CVE-2006-0752 (Niels Provos Honeyd before 1.5 replies to certain illegal IP
packet ...)
-	- honeyd <unfixed> (bug filed)
+	- honeyd <unfixed> (bug #353064; low)
 CVE-2006-0751 (Multiple unspecified vulnerabilities in the (1) Filesystem in
...)
 	TODO: check
 CVE-2006-0750 (SQL injection vulnerability in index.php in supersmashbrothers
(SSB) ...)
@@ -371,7 +371,7 @@
 CVE-2006-0710 (Double-free vulnerability in isode.eddy in Isode M-Vault Server
11.3 ...)
 	NOT-FOR-US: Isode M-Vault
 CVE-2006-0709 (Buffer overflow in Metamail 2.7-50 allows remote attackers to
cause a ...)
-	- metamail 2.7-51 (bug #352482)
+	- metamail 2.7-51 (bug #352482; bug #353539)
 CVE-2006-0708 (Multiple buffer overflows in NullSoft Winamp 5.13 and earlier
allow ...)
 	NOT-FOR-US: Winamp
 CVE-2006-0707 (PyBlosxom before 1.3.2, when running on certain webservers,
allows ...)
@@ -912,7 +912,7 @@
 CVE-2006-0482 (Linux kernel 2.6.15.1 and earlier, when running on SPARC ...)
 	- linux-2.6 2.6.15-4
 CVE-2006-0481 (Heap-based buffer overflow in the alpha strip capability in
libpng ...)
-	- libpng 1.2.8rel-3
+	- libpng 1.2.8rel-3 (bug #352902; bug #352918)
 	[sarge] - libpng <not-affected> (Only 1.2.7 affected)
 	[woody] - libpng <not-affected> (Only 1.2.7 affected)
 	[sarge] - libpng3 1.2.8rel-1
@@ -1038,7 +1038,7 @@
 	RESERVED
 CVE-2006-0455 (gpgv in GnuPG 1.4.x before 1.4.2.1, when using unattended
signature ...)
 	{DSA-978-1}
-	- gnupg <unfixed> (bug #353017; medium)
+	- gnupg <unfixed> (bug #353017; bug #353019; medium)
 	[woody] - gnupg 1.0.6-4woody4
 	[sarge] - gnupg 1.4.1-1sarge1
 	NOTE: http://lists.gnupg.org/pipermail/gnupg-announce/2006q1/000211.html
indicates that