Secure testing commits - Jun 2006 - r4179 - data/CVE

Author: fw
Date: 2006-06-12 19:09:47 +0000 (Mon, 12 Jun 2006)
New Revision: 4179

Modified:
   data/CVE/list
Log:
CVE-2006-2802: xine-lib fixed (and another, currently unnamed issue)


Modified: data/CVE/list
==================================================================---
data/CVE/list	2006-06-12 12:42:14 UTC (rev 4178)
+++ data/CVE/list	2006-06-12 19:09:47 UTC (rev 4179)
@@ -283,7 +283,7 @@
 CVE-2006-2803 (Multiple cross-site scripting (XSS) vulnerabilities in PHP
ManualMaker ...)
 	NOT-FOR-US: PHP ManualMaker
 CVE-2006-2802 (Buffer overflow in the HTTP Plugin (xineplug_inp_http.so) for
xine-lib ...)
-	- xine-lib <unfixed> (bug #369876; medium)
+	- xine-lib 1.1.1-2 (bug #369876; medium)
 CVE-2006-2801 (Multiple SQL injection vulnerabilities in Unak CMS 1.5 RC2 and
earlier ...)
 	NOT-FOR-US: Unak CMS
 CVE-2006-2800 (Multiple cross-site scripting (XSS) vulnerabilities in Unak CMS
1.5 ...)
@@ -667,7 +667,7 @@
 CVE-2006-2644 (AWStats 6.5, and possibly other versions, allows remote
authenticated ...)
 	TODO: check
 CVE-2006-XXXX [libxine1 overflow via a specially-crafted AVI file]
-	- xine-lib <unfixed> (bug #369876; medium)
+	- xine-lib 1.1.1-2 (bug #369876; medium)
 CVE-2006-XXXX [specialy crafted WAV turns mkvmerge into a malloc bomb]
 	- mkvtoolnix <unfixed> (bug #370144; low)
 CVE-2006-XXXX [''Cache'' shell injection vulnerability]