Author: jmm-guest
Date: 2006-03-15 12:12:03 +0000 (Wed, 15 Mar 2006)
New Revision: 3618
Modified:
data/CVE/list
Log:
gallery2 CVEfied
new darcsweb issue
remove old webcalendar issue, which was false alarm
Modified: data/CVE/list
==================================================================---
data/CVE/list 2006-03-15 09:24:59 UTC (rev 3617)
+++ data/CVE/list 2006-03-15 12:12:03 UTC (rev 3618)
@@ -1,7 +1,9 @@
+CVE-2006-XXXX [Insufficient filename sanitising in darcsweb]
+ - darcsweb 0.15-1
CVE-2006-1220 (Integer overflow in the mach_msg_send function in the kernel for
Mac ...)
TODO: check
CVE-2006-1219 (Directory traversal vulnerability in Gallery 2.0.3 and earlier,
and ...)
- TODO: check
+ - gallery2 2.0.4-1
CVE-2006-1218 (Unspecified vulnerability in the HTTP proxy in Novell
BorderManager ...)
TODO: check
CVE-2006-1217 (SQL injection vulnerability in DSPoll 1.1 allows remote
attackers to ...)
@@ -182,8 +184,6 @@
TODO: check
CVE-2005-4729 (SQL injection vulnerabilitiy in show.php in VBZooM Forum allows
remote ...)
TODO: check
-CVE-2006-XXXX [gallery2: local file inclusion]
- - gallery2 2.0.4-1
CVE-2006-XXXX [Unspecified security problem in Peercast]
- peercast 0.1217-1
CVE-2006-XXXX [Directory traversal issue in Namazu2]
@@ -5916,8 +5916,6 @@
- drupal 4.5.5-3 (bug #336719; medium)
CVE-2005-XXXX [double free() in libungif]
- libungif4 4.1.4-1 (bug #338542; medium)
-CVE-2005-XXXX [webcalendar''s password visible to local users through
debconf]
- - webcalendar <unfixed> (bug #337624)
CVE-2005-3523 (Format string vulnerability in friendsd2 in GpsDrive allows
remote ...)
{DSA-891-1}
- gpsdrive 2.09-2sarge1 (bug #337495; medium)