Moritz Muehlenhoff
2006-Apr-05 20:39 UTC
[Secure-testing-commits] r3755 - in data: CVE DSA
Author: jmm-guest
Date: 2006-04-05 20:38:40 +0000 (Wed, 05 Apr 2006)
New Revision: 3755
Modified:
data/CVE/list
data/DSA/list
Log:
clamav fixed
two more issues marked as non-issues
Modified: data/CVE/list
==================================================================---
data/CVE/list 2006-04-05 14:37:37 UTC (rev 3754)
+++ data/CVE/list 2006-04-05 20:38:40 UTC (rev 3755)
@@ -2,7 +2,7 @@
- openvpn <unfixed> (bug #360559; medium)
CVE-2006-1614 [clamav 0.88.1 integer overflow]
- clamav 0.88.1-1
-CVE-2006-XXXX [clamav 0.88.1 fix possible crash in cli_bitset_test()]
+CVE-2006-1630 [clamav 0.88.1 fix possible crash in cli_bitset_test()]
- clamav 0.88.1-1
CVE-2006-1615 [clamav 0.88.1 format string flaws]
- clamav 0.88.1-1
@@ -3174,6 +3174,7 @@
NOT-FOR-US: freebsd kernel
CVE-2006-0225 (scp in OpenSSH 4.2p1 allows attackers to execute arbitrary
commands ...)
- openssh <unfixed> (low; bug #349645; bug #352254)
+ [sarge] - openssh <no-dsa> (Protocol flaws inherited from rcp)
- dropbear 0.48-1 (unimportant)
NOTE: dropbear doesn''t include scp in binary package
CVE-2006-0224 (Buffer overflow in Library of Assorted Spiffy Things (LibAST)
0.6.1 ...)
@@ -9061,7 +9062,8 @@
CVE-2005-2667 (Unknown vulnerability in Computer Associates (CA) Message
Queuing (CAM ...)
NOT-FOR-US: Computer Associates
CVE-2005-2666 (SSH, as implemented in OpenSSH before 4.0 and possibly other
...)
- - openssh 1:4.0p1-1 (low)
+ - openssh 1:4.0p1-1 (unimportant)
+ NOTE: Lack of a security feature, not a vulnerability
CVE-2005-2665 (Stack-based buffer overflow in expires.c in Elm 2.5 PL5 through
PL7, ...)
NOT-FOR-US: elm-me+ is no longer in unstable or testing
CVE-2005-2664 (Whisper 32 1.16, and possibly earlier versions, stores passwords
in ...)
Modified: data/DSA/list
==================================================================---
data/DSA/list 2006-04-05 14:37:37 UTC (rev 3754)
+++ data/DSA/list 2006-04-05 20:38:40 UTC (rev 3755)
@@ -1,3 +1,6 @@
+[05 Jan 2006] DSA-947-1 clamav - heap overflow
+ {CVE-2006-1614 CVE-2006-1615 CVE-2006-1630}
+ [sarge] - clamav 0.84-2.sarge.8
[05 Apr 2006] DSA-1023-1 kaffeine - buffer overflow
{CVE-2006-0051}
[sarge] - kaffeine 0.6-1sarge1