Author: stef-guest Date: 2006-05-05 07:34:53 +0000 (Fri, 05 May 2006) New Revision: 3917 Modified: data/CVE/list Log: firefox fixed in 1.5.0.3 new linux sctp issue new quagga issue couldn''t find cve for new mysql issue Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-05-03 21:14:23 UTC (rev 3916) +++ data/CVE/list 2006-05-05 07:34:53 UTC (rev 3917) @@ -1,5 +1,10 @@ CVE-2006-2161 RESERVED +CVE-2006-XXXX [MySQL COM_TABLE_DUMP Information Leakage and Arbitrary command execution] + - mysql-dfsg-5.0 5.0.21-1 (bug #365939) + - mysql-dfsg-4.1 <unfixed> (bug #365939) + - mysql-dfsg <unfixed> (bug #365939) + - mysql <unfixed> (bug #365939) CVE-2006-2160 (Cross-site scripting (XSS) vulnerability in Russcom Network Loginphp ...) TODO: check CVE-2006-2159 (CRLF injection vulnerability in help.php in Russcom Network Loginphp ...) @@ -396,7 +401,7 @@ CVE-2006-1977 (Cross-site scripting (XSS) vulnerability in FlexBB 0.5.7 BETA and ...) NOT-FOR-US: FlexBB CVE-2006-1993 (Mozilla Firefox 1.5.0.2, when designMode is enabled, allows remote ...) - - firefox 1.5.dfsg+1.5.0.2-2 + - firefox 1.5.dfsg+1.5.0.3-1 [sarge] - mozilla-firefox <not-affected> CVE-2006-XXXX [typo3 mailforms can be abused to send spam] - typo3-src <unfixed> (bug #364350) @@ -1564,8 +1569,9 @@ NOTE: default configuration. CVE-2006-1528 RESERVED -CVE-2006-1527 +CVE-2006-1527 [SCTP conntrack: fix infinite loop] RESERVED + - linux-2.6 2.6.16-12 (low) CVE-2006-1526 (Buffer overflow in the Xrender extension in X.org X server 6.8.0 up to ...) - xorg-server 1:1.0.2-8 CVE-2006-1525 (ip_route_input in Linux kernel 2.6 before 2.6.16.8 allows local users ...) @@ -1580,8 +1586,9 @@ RESERVED CVE-2006-1520 RESERVED -CVE-2006-1519 +CVE-2006-1519 [quagga RIPD unauthenticated route injection] RESERVED + - quagga 0.99.3-2 (bug #365940) CVE-2006-1518 RESERVED CVE-2006-1517