Author: alec-guest
Date: 2006-06-17 15:51:54 +0000 (Sat, 17 Jun 2006)
New Revision: 4262
Modified:
data/CVE/list
Log:
* CVE-2005-2991 (ncompress): not-affected
* CVE-2005-2491 (gnumeric): fixed
* CVE-2005-2096 (systemimager-ssh): not-affected
Modified: data/CVE/list
==================================================================---
data/CVE/list 2006-06-17 15:24:44 UTC (rev 4261)
+++ data/CVE/list 2006-06-17 15:51:54 UTC (rev 4262)
@@ -11915,7 +11915,8 @@
CVE-2005-2993 (Unspecified vulnerability in the FTP Daemon (ftpd) for HP Tru64
UNIX ...)
NOT-FOR-US: HP Tru64
CVE-2005-2991 (ncompress 4.2.4 and earlier allows local users to overwrite
arbitrary ...)
- - ncompress <unfixed> (bug #329052; unimportant)
+ - ncompress <not-affected> (bug #329052; unimportant)
+ NOTE: see bug close message, Debian''s ncompress doesn''t
expose affected scripts
CVE-2005-2992 (arc 5.21j and earlier allows local users to overwrite arbitrary
files ...)
{DSA-843-1}
- arc 5.21m-1 (low)
@@ -13515,7 +13516,7 @@
CVE-2005-2491 (Integer overflow in pcre_compile.c in Perl Compatible Regular
...)
{DSA-821-1 DSA-819-1 DSA-817-1 DSA-800-1 DTSA-10-1}
- pcre3 6.3-1 (bug #324531; medium)
- - gnumeric <unfixed> (bug #326628; bug #326898; unimportant)
+ - gnumeric 1.5.1-1 (bug #326628; bug #326898; unimportant)
- goffice 0.1.0-3 (bug #326898; unimportant)
NOTE: gnumeric/goffice includes one as well; not exploitable as affected code
not used
- python2.1 2.1.3dfsg-3 (medium)
@@ -15296,7 +15297,8 @@
- rpm 4.0.4-31.1 (bug #318099; unimportant)
NOTE: You need to trust rpms anyway, when installing them
- rageircd 2.0.0-3sid1 (bug #309196; medium)
- - systemimager-ssh <unfixed> (bug #318101; unimportant)
+ - systemimager-ssh <not-affected> (bug #318101; unimportant)
+ NOTE: see dannf''s first bug comment; systemimager-ssh
doesn''t use compression
[woody] - texmacs <not-affected> (Woody contains zlib 1.1, which is not
affected)
- texmacs 1:1.0.5-3 (bug #318100; medium)
- zlib 1:1.2.2-7 (bug #317133; medium)