Moritz Muehlenhoff
2006-Mar-23 14:11 UTC
[Secure-testing-commits] r3672 - in data: CVE DSA
Author: jmm-guest
Date: 2006-03-23 14:10:32 +0000 (Thu, 23 Mar 2006)
New Revision: 3672
Modified:
data/CVE/list
data/DSA/list
Log:
evolution DSA
further no-dsa and cleanups of older issues
Modified: data/CVE/list
==================================================================---
data/CVE/list 2006-03-23 13:59:03 UTC (rev 3671)
+++ data/CVE/list 2006-03-23 14:10:32 UTC (rev 3672)
@@ -4782,8 +4782,8 @@
CVE-2005-3913 (Unspecified vulnerability in the domain alias management in
Virtual ...)
NOT-FOR-US: Virtual Hosting Control System
CVE-2005-3912 (Format string vulnerability in miniserv.pl Perl web server in
Webmin ...)
- - perl 5.8.7-9 (bug #341542; medium)
- NOTE: No longer exploitable with fixed Perl, thus no dedicated Webmin updated
+ - webmin <not-affected> (Fixed through corrected Perl)
+ NOTE: No longer exploitable with Perl 5.8.7-9, thus no dedicated Webmin
updated
CVE-2005-3911 (Multiple SQL injection vulnerabilities in calendar.php in
BosDates 4.0 ...)
NOT-FOR-US: BosDates
CVE-2005-3910 (merchants/index.php in Post Affiliate Pro 2.0.4 and earlier,
with ...)
@@ -6567,6 +6567,7 @@
NOTE: fixed in libxaw7
- xorg-x11 <unfixed> (bug #172890; low)
- xfree86 <removed>
+ [sarge] - xfree86 <no-dsa>
CVE-2005-3339 (Mantis before 0.19.3 caches the User ID longer than necessary,
which ...)
{DSA-905-1}
- mantis 0.19.3-0.1 (bug #330682; unknown)
@@ -7327,6 +7328,7 @@
[woody] - coreutils <no-dsa> (Minor issue, hardly exploitable)
CVE-2005-XXXX [tar''s rmt command may have undesired side effects]
- tar <unfixed> (bug #290435; low)
+ [sarge] - tar <no-dsa> (Hardly exploitable)
CVE-2005-XXXX [clamav''s VERSION command does not return the currently
loaded version]
NOTE: no exploit vector, just bad info
- clamav <unfixed> (bug #323803; unimportant)
@@ -9465,6 +9467,7 @@
- wine 0.0.20050830-1 (bug #321470; low)
CVE-2005-XXXX [DoS to users to prevent usage of showpartial through _hard_
links]
- metamail 2.7-48 (bug #321473; low)
+ [sarge] - metamail <no-dsa> (Hardly exploitable, minor Dos)
CVE-2005-XXXX [Insecure usage of temporary files in x11perfcomp and other
security issues]
- xfree86 <unfixed> (bug #321447; low)
[woody] - xfree86 <no-dsa> (Hardly exploitable)
Modified: data/DSA/list
==================================================================---
data/DSA/list 2006-03-23 13:59:03 UTC (rev 3671)
+++ data/DSA/list 2006-03-23 14:10:32 UTC (rev 3672)
@@ -1,3 +1,7 @@
+[23 Mar 2006] DSA-1016-1 evolution - format string vulnerabilities
+ {CVE-2005-2549 CVE-2005-2550}
+ [woody] - evolution 1.0.5-1woody3
+ [woody] - evolution 2.0.4-2sarge1
[23 Mar 2006] DSA-1015-1 sendmail - programming error
{CVE-2006-0058}
[woody] - sendmail 8.12.3-7.2