Author: joeyh Date: 2006-06-03 20:40:54 +0000 (Sat, 03 Jun 2006) New Revision: 4130 Modified: data/CVE/list Log: a couple of already fixed bugs noticed by Francesco Poli Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-06-03 19:30:11 UTC (rev 4129) +++ data/CVE/list 2006-06-03 20:40:54 UTC (rev 4130) @@ -2822,7 +2822,7 @@ - fftw <unfixed> (bug #358157; low) [sarge] - fftw <not-affected> (No rpath set in Sarge) CVE-2006-XXXX [gauche-config rpath set to user home] - - gauche <unfixed> (bug #358139; low) + - gauche 0.8.7-1 (bug #358139; low) [sarge] - gauche <not-affected> (gauche-config is a shell script in Sarge) CVE-2006-XXXX [tcpquota rpath set to user home] - tcpquota <unfixed> (bug #358369; low) @@ -8767,7 +8767,9 @@ CVE-2005-3650 (The CodeSupport.ocx ActiveX control, as used by Sony to uninstall the ...) NOT-FOR-US: Sony Root Kit Uninstaller CVE-2005-3649 (jumpto.php in Moodle 1.5.2 allows remote attackers to redirect users ...) - - moodle <unfixed> (bug #338592; low) + NOTE: only exploitable in certian configurations (non-default) + NOTE: warning added.. + - moodle 1.5.3+20060108-1 (bug #338592; low) [sarge] - moodle <no-dsa> (Only exploitable in strange PHP setups) CVE-2005-3648 (Multiple SQL injection vulnerabilities in the get_record function in ...) - moodle <unfixed> (bug #338592; low) @@ -14299,7 +14301,7 @@ [woody] - amd64-libs <not-affected> (Woody contains zlib 1.1, which is not affected) - amd64-libs 1.3 (bug #317970; medium) [woody] - ia32-libs <not-affected> (Woody contains zlib 1.1, which is not affected) - - ia32-libs <unfixed> (bug #317971; medium) + - ia32-libs 1.6 (bug #317971; medium) - dar <not-affected> (zlib not used on unstrusted input, see #317989) [woody] - bacula <not-affected> (Woody contains zlib 1.1, which is not affected) - bacula 1.36.3-2 (bug #318014; medium)