Author: alec-guest
Date: 2006-06-17 06:33:26 +0000 (Sat, 17 Jun 2006)
New Revision: 4254
Modified:
data/CVE/list
Log:
* CVE-2005-3896 (firefox): not a security bug, and not reproducible after
1.5.dfsg-1
* CVE-2005-3279 (bmv): fixed
* CVE-2005-1852 (kopete): fixed
Modified: data/CVE/list
==================================================================---
data/CVE/list 2006-06-17 06:07:39 UTC (rev 4253)
+++ data/CVE/list 2006-06-17 06:33:26 UTC (rev 4254)
@@ -9020,7 +9020,9 @@
NOT-FOR-US: Safari
NOTE: Not reproducible with konqueror 4:3.4.2-4.
CVE-2005-3896 (Mozilla allows remote attackers to cause a denial of service
(CPU ...)
- - firefox <unfixed> (bug #340283; bug #345469; low)
+ NOTE: maintainers don''t believe it is a security bug and
can''t reproduce
+ NOTE: after 1.5.dfsg-1
+ - firefox 1.5.dfsg-1 (bug #340283; bug #345469; low)
NOTE: mozilla-firefox became a transitional package so not vulnerable
- mozilla-firefox 1.4.99+1.5rc3.dfsg-2 (bug #340283; bug #345469; low)
- mozilla <unfixed> (bug #340282; low)
@@ -11065,7 +11067,7 @@
CVE-2005-3280 (Paros 3.2.5 uses a default password for the
"sa" account in the ...)
NOT-FOR-US: Paros
CVE-2005-3279 (Stack-based buffer overflow in the vgasco_printf function in Jan
Kybic ...)
- - bmv <unfixed> (bug #335497; unimportant)
+ - bmv 1.2-18 (bug #335497; unimportant)
NOTE: Vulnerable code not activated in binary package
CVE-2005-3278 (Integer overflow in the openpsfile function in gsinterf.c for
Jan ...)
{DSA-981-1}
@@ -16591,7 +16593,7 @@
- gopher 3.0.8 (low)
CVE-2005-1852 (Multiple integer overflows in libgadu, as used in Kopete in KDE
3.2.3 ...)
{DSA-767-1 DTSA-4-1}
- - kopete <unfixed> (bug #319443; unimportant)
+ - kopete 4:3.3.2-5 (bug #319443; unimportant)
NOTE: Kopete embeds the vulnerable code, but it''s only used as a
fallback when
NOTE: no shared lib version is found. As the Debian package has a dependency
on
NOTE: it the maintainer does not intent to fix it, see # 319443
@@ -19949,7 +19951,7 @@
- egroupware 1.0.0.009.dfsg-3-3
- phpgroupware 0.9.16.008-2
CVE-2005-0869 (phpSysInfo 2.3 allows remote attackers to obtain sensitive
information ...)
- - phpsysinfo <unfixed> (bug #301118; unimportant)
+ - phpsysinfo 2.3-3 (bug #301118; unimportant)
CVE-2005-0868 (AS/400 Telnet 5250 terminal emulation clients, as implemented by
(1) ...)
- tn5250 <not-affected> (cannot find STRPCO or STRPCCMD in tn5250)
CVE-2005-0867 (Integer overflow in Linux kernel 2.6 allows local users to
overwrite ...)