Author: jmm-guest
Date: 2006-03-31 09:31:00 +0000 (Fri, 31 Mar 2006)
New Revision: 3725
Modified:
data/CVE/list
Log:
new s390 kernel dos (fixed)
corrected flex CVE
Modified: data/CVE/list
==================================================================---
data/CVE/list 2006-03-31 09:14:22 UTC (rev 3724)
+++ data/CVE/list 2006-03-31 09:31:00 UTC (rev 3725)
@@ -1245,12 +1245,6 @@
NOT-FOR-US: SPiD
CVE-2006-0975
REJECTED
- - flex 2.5.33-1
- NOTE: There are other package affected by this vulnerability
- NOTE: Martin Pitt has built a list for ubuntu and also mentionned that
- NOTE: "Coordination with Debian has happened".
- NOTE: Could someone aware about this please update this entry?
- NOTE: See : https://launchpad.net/distros/ubuntu/+source/flex/+bug/30940
CVE-2006-0974 (Cross-site scripting (XSS) vulnerability in failure.asp in
Battleaxe ...)
NOT-FOR-US: bttlxeForum 2.0
CVE-2006-0973 (SQL injection vulnerability in topics.php in Appalachian State
...)
@@ -2483,12 +2477,14 @@
- bomberclone 0.11.6.2-1
CVE-2006-0459 (flex.skl in Will Estes and John Millaway Fast Lexical Analyzer
...)
{DSA-1020-1}
+ - flex 2.5.33-1
CVE-2006-0458 (The DCC ACCEPT command handler in irssi before ...)
TODO: check
CVE-2006-0457 (Race condition in the (1) add_key, (2) request_key, and (3)
keyctl ...)
- linux-2.6 <unfixed>
-CVE-2006-0456
+CVE-2006-0456 [kernel: strlen_user() DoS on s390]
RESERVED
+ - linux-2.6 2.6.16-1
CVE-2006-0455 (gpgv in GnuPG before 1.4.2.1, when using unattended signature
...)
{DSA-978-1}
- gnupg 1.4.2.2-1 (bug #353017; bug #353019; bug #354620; medium)