Moritz Muehlenhoff
2006-Mar-13 11:29 UTC
[Secure-testing-commits] r3605 - in data: CVE DSA
Author: jmm-guest
Date: 2006-03-13 11:28:56 +0000 (Mon, 13 Mar 2006)
New Revision: 3605
Modified:
data/CVE/list
data/DSA/list
Log:
three new issues
new DSA
Modified: data/CVE/list
==================================================================---
data/CVE/list 2006-03-13 09:14:19 UTC (rev 3604)
+++ data/CVE/list 2006-03-13 11:28:56 UTC (rev 3605)
@@ -1,4 +1,10 @@
-CVE-2006-1166
+CVE-2006-XXXX [gallery2: local file inclusion]
+ - gallery2 2.0.4-1
+CVE-2006-XXXX [Unspecified security problem in Peercast]
+ - peercast 0.1217-1
+CVE-2006-XXXX [Directory traversal issue in Namazu2]
+ - namazu2 2.0.16-1
+CVE-2006-1166 [Lua code execution in Monotone]
- monotone <unfixed> (low)
NOTE: Needs a case-insensitive file system (e.g. VFAT or Samba) on
NOTE: the client.
@@ -499,7 +505,7 @@
CVE-2006-0899 (Directory traversal vulnerability in index.php in 4Images 1.7.1
and ...)
TODO: check
CVE-2006-0898 (Crypt::CBC Perl module 2.16 and earlier, when running in
RandomIV ...)
- TODO: check
+ - libcrypt-cbc-perl 2.17-1
CVE-2006-0897 (SQL injection vulnerability in Virtual Program Management
Intranet ...)
TODO: check
CVE-2006-0896 (Cross-site scripting (XSS) vulnerability in Sources/Register.php
in ...)
Modified: data/DSA/list
==================================================================---
data/DSA/list 2006-03-13 09:14:19 UTC (rev 3604)
+++ data/DSA/list 2006-03-13 11:28:56 UTC (rev 3605)
@@ -1,3 +1,7 @@
+[13 Mar 2006] DSA-996-1 libcrypt-cbc-perl - programming error
+ {CVE-2006-0898}
+ [sarge] - libcrypt-cbc-perl 2.12-1sarge1
+ NOTE: fixed in testing at the time of DSA
[13 Mar 2006] DSA-995-1 metamail - buffer overflow
{CVE-2006-0709}
[woody] - metamail 2.7-45woody.4