Moritz Muehlenhoff
2006-Feb-28 14:48 UTC
[Secure-testing-commits] r3545 - in data: CVE DSA
Author: jmm-guest
Date: 2006-02-28 14:47:47 +0000 (Tue, 28 Feb 2006)
New Revision: 3545
Modified:
data/CVE/list
data/DSA/list
Log:
three new DSA
no-dsa for obscure MIT kerberos info leaks
Modified: data/CVE/list
==================================================================---
data/CVE/list 2006-02-26 21:53:35 UTC (rev 3544)
+++ data/CVE/list 2006-02-28 14:47:47 UTC (rev 3545)
@@ -16057,7 +16057,11 @@
CVE-2005-0488 (Certain BSD-based Telnet clients, including those used on
Solaris and ...)
TODO: check heimdal, netkit-telnet-ssl
- krb4 <unfixed> (low)
+ [woody] - krb4 <no-dsa> (Documented behaviour in MIT Kerberos)
+ [sarge] - krb4 <no-dsa> (Documented behaviour in MIT Kerberos)
- krb5 <unfixed> (low)
+ [woody] - krb5 <no-dsa> (Documented behaviour in MIT Kerberos)
+ [sarge] - krb5 <no-dsa> (Documented behaviour in MIT Kerberos)
- netkit-telnet <not-affected> (netkit-telnet is not affected)
CVE-2004-1639 (Mozilla Firefox before 0.10, Mozilla 5.0, and Gecko 20040913
allows ...)
NOTE: This is not a real security issue; it just describes the fact that the
Gecko
Modified: data/DSA/list
==================================================================---
data/DSA/list 2006-02-26 21:53:35 UTC (rev 3544)
+++ data/DSA/list 2006-02-28 14:47:47 UTC (rev 3545)
@@ -1,3 +1,16 @@
+[27 Feb 2006] DSA-983-1 pdftohtml - several
+ {CVE-2005-3191 CVE-2005-3193 CVE-2006-0301}
+ [sarge] - pdftohtml 0.36-11sarge2
+ NOTE: sid is not affected, just a revamp of previous patches
+[27 Feb 2006] DSA-982-1 gpdf - several
+ {CVE-2005-3191 CVE-2005-3193 CVE-2006-0301}
+ [sarge] - pgdf 2.8.2-1.2sarge4
+ NOTE: sid is not affected, just a revamp of previous patches
+[26 Feb 2006] DSA-981-1 bmv - integer overflow
+ {CVE-2005-3278}
+ [woody] - bmv 1.2-14.3
+ [sarge] - bmv 1.2-17sarge1
+ NOTE: fixed in testing at the time of DSA
[22 Feb 2006] DSA-980-1 tutos - several
{CVE-2004-2161 CVE-2004-2162}
[sarge] - tutos 1.1.20031017-2+1sarge1