Secure testing commits - Mar 2006 - r3711 - data/CVE

Author: jmm-guest
Date: 2006-03-29 22:50:49 +0000 (Wed, 29 Mar 2006)
New Revision: 3711

Modified:
   data/CVE/list
Log:
new critical horde issue
new minor php info leak
libimager CVEfied
bugnums


Modified: data/CVE/list
==================================================================---
data/CVE/list	2006-03-29 09:14:24 UTC (rev 3710)
+++ data/CVE/list	2006-03-29 22:50:49 UTC (rev 3711)
@@ -1,3 +1,8 @@
+CVE-2006-1491 [horde3 eval injection()]
+	- horde3 <unfixed>
+CVE-2006-1490 [PHP information leak]
+	- php5 <unfixed> (bug #359904; low)
+	- php4 <unfixed> (bug #359907; low)
 CVE-2006-1488 (ActiveCampaign SupportTrio 2.5 allows remote attackers to obtain
the ...)
 	TODO: check
 CVE-2006-1487 (Cross-site scripting (XSS) vulnerability in ActiveCampaign
SupportTrio ...)
@@ -195,6 +200,7 @@
 CVE-2006-XXXX [libimager-perl DoS]
 	- libimager-perl <unfixed> (bug #359661)
 	NOTE: requested ID from Joey
+>>>>>>> .r3710
 CVE-2006-1396 (Multiple cross-site scripting (XSS) vulnerabilities in Cholod
MySQL ...)
 	TODO: check
 CVE-2006-1395 (SQL injection vulnerability in mb.cgi in Cholod MySQL Based
Message ...)
@@ -1277,7 +1283,7 @@
 CVE-2006-0904
 	RESERVED
 CVE-2006-0903 (MySQL 5.0.18 and earlier allows local users to bypass logging
...)
-	- mysql-dfsg-5.0 <unfixed> (bug filed)
+	- mysql-dfsg-5.0 <unfixed> (bug #359701)
 CVE-2006-0902
 	RESERVED
 CVE-2006-0901 (Unspecified vulnerability in the hsfs filesystem in Solaris 8,
9, and ...)
@@ -3478,8 +3484,9 @@
 	- imagemagick 6:6.2.4.5-0.6 (bug #345238; medium)
 	NOTE: Exploitable through Gnus and Thunderbird.
 	- graphicsmagick 1.1.7-1
-CVE-2006-0053
+CVE-2006-0053 [libimager-perl DoS]
 	RESERVED
+	- libimager-perl <unfixed> (bug #359661)
 CVE-2006-0052 [Scrubber.py mailman dos]
 	RESERVED
 	- mailman <unfixed> (bug #358892)
@@ -4379,7 +4386,7 @@
 CVE-2005-4191 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
 	- nag2 2.0.4-1 (bug #342945; medium)
 CVE-2005-4190 (Multiple cross-site scripting (XSS) vulnerabilities in Horde
...)
-	- horde3 3.0.9-1 (bug #342942; medium)
+	- horde3 3.0.9-1 (bug #342942; bug #354512; medium)
 CVE-2005-4189 (Multiple cross-site scripting (XSS) vulnerabilities in Horde
Kronolith ...)
 	{DSA-970-1}
 	- kronolith2 2.0.6-1 (bug #342943; medium)