thr3ads.net - Secure testing commits - [Secure-testing-commits] r3753

If this information is useful, please help other people find it:
Share via:

Moritz Muehlenhoff

2006-Apr-05 10:20 UTC

[Secure-testing-commits] r3753 - in data: . CVE DSA

Author: jmm-guest
Date: 2006-04-05 10:19:28 +0000 (Wed, 05 Apr 2006)
New Revision: 3753

Modified:
   data/CVE/list
   data/DSA/list
   data/ID_pending
Log:
new kaffeine DSA
amaya rpath not in Sarge
remove another issue not worth tracking


Modified: data/CVE/list
==================================================================---
data/CVE/list	2006-04-05 08:20:25 UTC (rev 3752)
+++ data/CVE/list	2006-04-05 10:19:28 UTC (rev 3753)
@@ -1229,6 +1229,7 @@
 	NOT-FOR-US: Kwik-Pay Payroll
 CVE-2005-4728 (Untrusted search path vulnerability (RPATH) in amaya 9.2.1 on
Debian ...)
 	- amaya 9.4-1 (bug #341424)
+	[sarge] - amaya <not-affected> (The Sarge version doesn''t have
an rpath set)
 CVE-2006-1319 (chpst in runit 1.3.3-1 for Debian GNU/Linux, when compiled on
little ...)
 	- runit <unfixed> (bug #356016; medium)
 	[sarge] - runit <not-affected>
@@ -14783,11 +14784,9 @@
 	RESERVED
 	NOTE: have not checked to see which security holes are in it exactly
 	- nvu <unfixed> (bug #306822; medium)
-CVE-2005-XXXX [eskuel: arbitrary file retrieving]
-	- eskuel 1.0.5-3.1 (bug #307270; low)
-CVE-2005-2356 [eskuel: No authentication at all]
+CVE-2005-2356
 	RESERVED
-	- eskuel <unfixed> (bug #163653; low)
+	NOTE: This was assigned to an eskuel non-issue before due to Red Hat typos
 CVE-2005-XXXX [Buffer overflow in elog''s header buffer]
 	- elog 2.5.7+r1558-3 (bug #349528; high)
 CVE-2005-XXXX [Unspeficied security issue in ipsec-tool''s single DES
support]

Modified: data/DSA/list
==================================================================---
data/DSA/list	2006-04-05 08:20:25 UTC (rev 3752)
+++ data/DSA/list	2006-04-05 10:19:28 UTC (rev 3753)
@@ -1,3 +1,6 @@
+[05 Apr 2006] DSA-1023-1 kaffeine - buffer overflow
+	{CVE-2006-0051}
+	[sarge] - kaffeine 0.6-1sarge1
 [04 Apr 2006] DSA-1022-1 storebackup - several
 	{CVE-2005-3146 CVE-2005-3147 CVE-2005-3148}
 	[sarge] - storebackup 1.18.4-2sarge1

Modified: data/ID_pending
==================================================================---
data/ID_pending	2006-04-05 08:20:25 UTC (rev 3752)
+++ data/ID_pending	2006-04-05 10:19:28 UTC (rev 3753)
@@ -337,8 +337,6 @@
 	- xtradius 1.2.1-beta2-2 (bug #307796; unimportant)
 CVE-2005-XXXX [fai tempfile vulnerability]
 	- fai 2.8.2
-CVE-2005-XXXX [eskuel: arbitrary file retrieving]
-	- eskuel 1.0.5-3.1 (bug #307270; low)
 CVE-2005-XXXX [Buffer overflow in elog''s header buffer]
 	- elog 2.5.7+r1558-3 (bug #349528; high)
 CVE-2005-XXXX [Unspeficied security issue in ipsec-tool''s single DES
support]

Secure testing commits - Apr 2006 - r3753 - in data: . CVE DSA

[Secure-testing-commits] r3753 - in data: . CVE DSA