thr3ads.net - Secure testing commits - [Secure-testing-commits] r3668

If this information is useful, please help other people find it:
Share via:

Moritz Muehlenhoff

2006-Mar-23 10:25 UTC

[Secure-testing-commits] r3668 - data/CVE

Author: jmm-guest
Date: 2006-03-23 10:24:34 +0000 (Thu, 23 Mar 2006)
New Revision: 3668

Modified:
   data/CVE/list
Log:
mark three flash issues as no-dsa
readjust older icecast issues upstream has evaluated as non-issues


Modified: data/CVE/list
==================================================================---
data/CVE/list	2006-03-23 09:49:37 UTC (rev 3667)
+++ data/CVE/list	2006-03-23 10:24:34 UTC (rev 3668)
@@ -4668,6 +4668,7 @@
 	RESERVED
 CVE-2006-0024 (Multiple unspecified vulnerabilities in Adobe Flash Player
8.0.22.0 ...)
 	- flashplugin-nonfree 7.0.61-4 (bug #357038; bug #357105)
+	[sarge] - flashplugin-nonfree <no-dsa> (Only affects proprietary Flash
plugin)
 CVE-2006-0023 (Microsoft Windows XP SP1 and SP2 before August 2004, and
possibly ...)
 	NOT-FOR-US: Microsoft
 CVE-2006-0022
@@ -5685,6 +5686,7 @@
 	NOT-FOR-US: CuteNews
 CVE-2005-3591 (Macromedia Flash plugin (1) Flash.ocx 7.0.19.0 (Windows) and
earlier ...)
 	- flashplugin-nonfree 7.0.61-1 (bug #339290; high)
+	[sarge] - flashplugin-nonfree <no-dsa> (Only affects proprietary Flash
plugin)
 CVE-2005-3589 (Buffer overflow in FileZilla Server Terminal 0.9.4d may allow
remote ...)
 	NOT-FOR-US: FileZilla
 CVE-2005-3588 (SQL injection vulnerability in admin.php in Advanced Guestbook
2.2 ...)
@@ -8597,6 +8599,7 @@
 	- helix-player 1.0.6-1 (bug #340270; medium)
 CVE-2005-2628 (Macromedia Flash 6 and 7 (Flash.ocx) allows remote attackers to
...)
 	- flashplugin-nonfree 7.0.61-1.1 (bug #339290; high)
+	[sarge] - flashplugin-nonfree <no-dsa> (Only affects proprietary Flash
plugin)
 CVE-2005-2627 (Multiple integer underflows in Kismet before 2005-08-R1 allow
remote ...)
 	{DSA-788-1 DTSA-1-1}
 	- kismet 2005.08.R1-1 (bug #323386; high)
@@ -15847,9 +15850,11 @@
 	- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.11)
 	[sarge] - kernel-source-2.6.8 2.6.8-16
 CVE-2005-0838 (Multiple buffer overflows in the XSL parser for IceCast 2.20 may
allow ...)
-	- icecast2 <unfixed> (bug #301368; low)
+	- icecast2 <unfixed> (bug #301368; unimportant)
+	NOTE: According to upstream a non-issue
 CVE-2005-0837 (IceCast 2.20 allows remote attackers to bypass the XSL parser
and ...)
-	- icecast2 <unfixed> (bug #301368; low)
+	- icecast2 <unfixed> (bug #301368; unimportant)
+	NOTE: According to upstream a non-issue
 CVE-2005-0836 (Argument injection vulnerability in Java Web Start for J2SE
1.4.2 up ...)
 	NOT-FOR-US: Java Web Start for proprietary Sun Java
 CVE-2005-0835 (The SNMP service in the Belkin 54G (F5D7130) wireless router
allows ...)

Secure testing commits - Mar 2006 - r3668 - data/CVE

[Secure-testing-commits] r3668 - data/CVE