Author: jmm-guest Date: 2006-04-03 14:39:10 +0000 (Mon, 03 Apr 2006) New Revision: 3736 Modified: data/CVE/list Log: three more no-dsa Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-04-03 12:31:12 UTC (rev 3735) +++ data/CVE/list 2006-04-03 14:39:10 UTC (rev 3736) @@ -7578,6 +7578,7 @@ - flexbackup <unfixed> (bug #334350; low) CVE-2005-XXXX [xscreensaver does not maintain screen locks during upgrade] - xscreensaver 4.23-2 (bug #334193; low) + [sarge] - xscreensaver <no-dsa> (Unproblematic for users running stable) CVE-2005-3185 (Stack-based buffer overflow in the ntlm_output function in http-ntlm.c ...) - wget 1.10.2-1 (medium) [sarge] - wget <not-affected> (Does not contain NTML authentication code) @@ -7824,6 +7825,7 @@ - barrendero 1.1-1 (bug #279163) CVE-2005-XXXX [hdup inproperly preserves permissions on directories] - hdup <unfixed> (bug #302790; low) + [sarge] - hdup <no-dsa> (Mostly a bug, very limited security implications) CVE-2001-XXXX [crypt++ passes passwords through the command line] - crypt++el <unfixed> (bug #105562; low) NOTE: Sarge and Woody are affected @@ -7862,6 +7864,7 @@ - rkhunter 1.2.7-14 (bug #330627; medium) CVE-2005-XXXX [fprobe-ng: Insecure default hash] - fprobe-ng <unfixed> (bug #322699; low) + [sarge] - fprobe-ng <no-dsa> (Hardly exploitable) CVE-2005-3104 (mt-comments.cgi in Movable Type before 3.2 allows attackers to ...) NOT-FOR-US: Movable Type CVE-2005-3103 (Cross-site scripting (XSS) vulnerability in Movable Type before 3.2 ...)