Author: joeyh Date: 2006-06-10 09:14:25 +0000 (Sat, 10 Jun 2006) New Revision: 4169 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-06-10 08:52:31 UTC (rev 4168) +++ data/CVE/list 2006-06-10 09:14:25 UTC (rev 4169) @@ -634,6 +634,7 @@ CVE-2006-2662 (VMware Server before RC1 does not clear user credentials from memory ...) NOT-FOR-US: VMware Server CVE-2006-2661 (ftutil.c in Freetype before 2.2 allows remote attackers to cause a ...) + {DSA-1095-1} TODO: check CVE-2006-2660 RESERVED @@ -672,6 +673,7 @@ CVE-2006-XXXX [''Cache'' shell injection vulnerability] - wordpress 2.0.3-1 (high; bug #369014) CVE-2006-2753 (SQL injection vulnerability in MySQL 4.1.x before 4.1.20 and 5.0.x ...) + {DSA-1092-1} - mysql-dfsg <not-affected> (Vulnerable code was introduced in 4.1) - mysql <not-affected> (Vulnerable code was introduced in 4.1) - mysql-dfsg-5.0 5.0.22-1 (bug #369735; medium) @@ -679,6 +681,7 @@ CVE-2006-2659 (libs/comverp.c in Courier MTA before 0.53.2 allows attackers to cause ...) - courier 0.53.2-1 (bug #368834) CVE-2006-2656 (Stack-based buffer overflow in the tiffsplit command in libtiff 3.8.2 ...) + {DSA-1091-1} - tiff 3.8.2-3 (bug #369819; low) CVE-2006-2643 (Cross-site scripting (XSS) vulnerability in index.php in Monster Top ...) NOT-FOR-US: Monster Top List @@ -1014,6 +1017,7 @@ NOT-FOR-US: IntelliTampe CVE-2006-2493 REJECTED + {DSA-1095-1} CVE-2005-1755 (PHP remote code injection vulnerability in poll_vote.php in PHP Poll ...) NOT-FOR-US: PHP Poll Creator CVE-2005-1754 (JavaMail API 1.1.3 through 1.3, as used by Apache Tomcat 5.0.16, ...) @@ -1119,6 +1123,7 @@ CVE-2006-2448 RESERVED CVE-2006-2447 (SpamAssassin before 3.1.3, when running with vpopmail and the paranoid ...) + {DSA-1090-1} - spamassassin 3.1.3-1 (medium) CVE-2006-2446 RESERVED 
@@ -1593,6 +1598,7 @@ CVE-2006-2231 (Multiple cross-site scripting (XSS) vulnerabilities in addguest.cgi in ...) NOT-FOR-US: Big Webmaster Guestbook Script CVE-2006-2230 (Multiple format string vulnerabilities in xiTK (xitk/main.c) in xine ...) + {DSA-1093-1} - xine-ui <unfixed> (medium; bug #363370) CVE-2006-2229 (OpenVPN 2.0.7 and earlier, when configured to use the --management ...) - openvpn <unfixed> (unimportant) @@ -1685,6 +1691,7 @@ CVE-2006-2194 RESERVED CVE-2006-2193 (Buffer overflow in the t2p_write_pdf_string function in tiff2pdf in libtiff ...) + {DSA-1091-1} - tiff 3.8.2-4 (bug #371064; medium) CVE-2006-2191 RESERVED @@ -2458,6 +2465,7 @@ CVE-2006-1862 (The virtual memory implementation in Linux kernel 2.6.x allows local ...) TODO: check CVE-2006-1861 (Multiple integer overflows in FreeType before 2.2 allow remote ...) + {DSA-1095-1} - freetype 2.2.1-1 CVE-2006-1860 (lease_init in fs/locks.c in Linux kernel before 2.6.16.16 allows ...) - linux-2.6 2.6.16-14 @@ -5167,6 +5175,7 @@ [sarge] - mozilla-thunderbird 1.0.2-2.sarge1.0.8 (high) - xulrunner 1.8.0.1-9 CVE-2006-0747 (integer underflow in Freetype before 2.2 allows remote attackers to ...) + {DSA-1095-1} TODO: check CVE-2006-0746 (Certain patches for kpdf do not include all relevant patches from xpdf ...) {DSA-1008-1}
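Review bot: In the hunk at -1014, {DSA-1095-1} is attached to CVE-2006-2493, which is marked REJECTED. Since the log says this is an automatic update, check which ids the DSA-1095-1 text actually cites before keeping the cross-reference. If the advisory does cite the rejected id, add a note on the entry saying so, so that the cross-reference does not read as an open issue.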
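Review bot: In the hunk at -634, CVE-2006-2661 gains {DSA-1095-1} but the entry still reads "TODO: check" and has no package line, so the list records an advisory without naming the affected source package or a fixed version. Suggest triaging it into a freetype package line, in the form CVE-2006-1861 has in the hunk at -2458 ("- freetype 2.2.1-1"), after confirming which version fixes this CVE. CVE-2006-0747 in the hunk at -5167 is in the same state.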
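Review bot: In the hunk at -1593, CVE-2006-2230 gains {DSA-1093-1} while the only package line still reads "- xine-ui <unfixed> (medium; bug #363370)". If the DSA fix covers only a released suite, the entry does not show that. Consider adding a release-tagged line, in the style of the "[sarge] - mozilla-thunderbird ..." line visible in the hunk at -5167, so a reader can tell which suite is fixed and that bug #363370 remains open for the untagged line.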