Author: jmm-guest Date: 2006-04-14 10:01:15 +0000 (Fri, 14 Apr 2006) New Revision: 3803 Modified: data/CVE/list Log: xscreensaver wasn''t fully fixed in 4.16 (per vendor-sec) 4 new kernel issues new xgzv issue older wine issue unimportant Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-04-14 09:25:15 UTC (rev 3802) +++ data/CVE/list 2006-04-14 10:01:15 UTC (rev 3803) @@ -309,7 +309,7 @@ CVE-2005-4768 (SQL injection vulnerability in manage_account.php in Tux Racer TuxBank ...) TODO: check CVE-2004-2655 (rdesktop 1.3.1 with xscreensaver 4.14, and possibly other versions, ...) - - xscreensaver 4.16-1 (low) + - xscreensaver 4.18-1 (low) CVE-2006-XXXX [linphone insecure password leakage] - linphone <unfixed> (bug #361913) CVE-2006-1656 (vserver in util-vserver 0.30.209 executes a command as root when the ...) @@ -628,12 +628,13 @@ RESERVED CVE-2006-1525 RESERVED -CVE-2006-1524 +CVE-2006-1524 [kernel: tmpfs local data destruction] RESERVED + - linux-2.6 <unfixed> CVE-2006-1523 (The __group_complete_signal function in the RCU signal handling ...) - TODO: check + - linux-2.6 <unfixed> CVE-2006-1522 (The sys_add_key function in the keyring code in Linux kernel 2.6.16.1 ...) - TODO: check + - linux-2.6 <unfixed> CVE-2006-1521 RESERVED CVE-2006-1520 @@ -1670,7 +1671,7 @@ [woody] - curl <not-affected> (Vulnerable code not present) [sarge] - curl <not-affected> (Vulnerable code not present) CVE-2006-1060 (Heap-based buffer overflow in xzgv allows user-complicit attackers to ...) - TODO: check + - xzgv <unfixed> (bug #362288; medium) CVE-2006-1059 (The winbindd daemon in Samba 3.0.21 to 3.0.21c writes the machine ...) - samba 3.0.22-1 [woody] - samba <not-affected> @@ -2347,8 +2348,9 @@ - xorg-x11 6.9.0.dfsg.1-5 (bug #360388; medium) - xorg-server 1:1.0.2-1 - xfree86 <not-affected> -CVE-2006-0744 +CVE-2006-0744 [x86_64: When user could have changed RIP always force IRET] RESERVED + - linux-2.6 <unfixed> CVE-2006-0743 (Format string vulnerability in LocalSyslogAppender in Apache log4net ...) NOT-FOR-US: Log4Net CVE-2006-0742 (The die_if_kernel function in arch/ia64/kernel/unaligned.c in Linux ...) @@ -10532,7 +10534,8 @@ CVE-2001-1573 (Buffer overflow in smtpscan.dll for Trend Micro InterScan VirusWall ...) NOT-FOR-US: Trend Micro InterScan VirusWall CVE-2005-XXXX [wine: Unsafe use of temporary files in winelauncher] - - wine 0.0.20050830-1 (bug #321470; low) + - wine 0.0.20050830-1 (bug #321470; unimportant) + NOTE: Not shipped in binary package CVE-2005-XXXX [DoS to users to prevent usage of showpartial through _hard_ links] - metamail 2.7-48 (bug #321473; low) [sarge] - metamail <no-dsa> (Hardly exploitable, minor Dos) @@ -11054,10 +11057,8 @@ CVE-2004-2265 (UUDeview 0.5.20 and earlier handles temporary files insecurely during ...) - uudeview <unfixed> (bug #320541; medium) NOTE: uudeview apparetly not vulnerable, unsafe code is not called (#358500) - TODO: check libconvert-uulib-perl, Florian Weimer is looking at libconvert-uulib-perl - TODO: Check, to which extent #242999 applies (there might be more?) CVE-2004-2264 (** DISPUTED ** ...) - NOTE: less is not suid, explotability unlikely + - less <not-affected> (less is not suid, explotability unlikely) CVE-2004-2263 (SQL injection vulnerability in the valid function in fr_left.php in ...) NOT-FOR-US: PlaySMS CVE-2004-2262 (ImageManager in e107 before 0.617 does not properly check the types of ...)