Moritz Muehlenhoff
2006-Mar-23 09:50 UTC
[Secure-testing-commits] r3667 - in data: CVE DSA
Author: jmm-guest
Date: 2006-03-23 09:49:37 +0000 (Thu, 23 Mar 2006)
New Revision: 3667
Modified:
data/CVE/list
data/DSA/list
Log:
sendmail DSA
firebird2 DSA
sa-exim fixed
Modified: data/CVE/list
==================================================================---
data/CVE/list 2006-03-22 21:55:15 UTC (rev 3666)
+++ data/CVE/list 2006-03-23 09:49:37 UTC (rev 3667)
@@ -1,5 +1,3 @@
-CVE-2006-2043 [firebird2 remote DoS]
- - firebird2 1.5.3.4870-3 (bug #357580)
CVE-2006-1341 (SQL injection vulnerability in events.php in Maian Events 1.0
allows ...)
NOT-FOR-US: Maian Events
CVE-2006-1340 (CuteNews 1.4.1 and possibly other versions allows remote
attackers to ...)
@@ -177,7 +175,7 @@
CVE-2006-1252 (Eval injection vulnerability in cal.php in Light Weight Calendar
(LWC) ...)
TODO: check
CVE-2006-1251 (greylistclean.cron in sa-exim 4.2 allows remote attackers to
delete ...)
- - sa-exim <unfixed> (bug #345071; bug #356301)
+ - sa-exim 4.2.1-1 (bug #345071; bug #356301)
CVE-2006-1250 (Unspecified vulnerability in the Webmail module in Winmail
before 4.3 ...)
TODO: check
CVE-2006-1249 (** UNVERIFIABLE, PRERELEASE ** ...)
@@ -3106,9 +3104,9 @@
RESERVED
CVE-2006-0059
RESERVED
-CVE-2006-0058 [sendmail integer overflows]
+CVE-2006-0058 [sendmail sighandler attacks]
RESERVED
- - sendmail <unfixed>
+ - sendmail 8.13.6-1 (high)
CVE-2006-0057 (Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote
attackers ...)
NOT-FOR-US: Windows
CVE-2006-0056 (Double-free vulnerability in the authentication and
authentication ...)
@@ -13453,7 +13451,7 @@
CVE-2004-2044 (PHP-Nuke 7.3, and other products that use the PHP-Nuke codebase
such ...)
NOT-FOR-US: no_package
CVE-2004-2043 (Buffer overflow in ibserver for Firebird Database 1.0 and other
...)
- NOT-FOR-US: no_package
+ - firebird2 1.5.3.4870-3 (bug #357580)
CVE-2004-2042 (Multiple SQL injection vulnerabilities in e107 0.615 allow
remote ...)
NOT-FOR-US: no_package
CVE-2004-2041 (PHP remote code injection vulnerability in secure_img_render.php
in ...)
Modified: data/DSA/list
==================================================================---
data/DSA/list 2006-03-22 21:55:15 UTC (rev 3666)
+++ data/DSA/list 2006-03-23 09:49:37 UTC (rev 3667)
@@ -1,3 +1,10 @@
+[23 Mar 2006] DSA-1015-1 sendmail - programming error
+ {CVE-2006-0058}
+ [woody] - sendmail 8.12.3-7.2
+ [sarge] - sendmail 8.13.4-3sarge1
+[23 Mar 2006] DSA-1014-1 firebird2 - buffer overflow
+ {CVE-2004-2043}
+ [sarge] - firebird2 1.5.1-4sarge1
[22 Mar 2006] DSA-1013-1 snmptrapfmt - insecure temporary file
{CVE-2006-0050}
[woody] - snmptrapfmt 1.03woody1