Author: stef-guest
Date: 2006-06-22 20:57:33 +0000 (Thu, 22 Jun 2006)
New Revision: 4280
Modified:
data/CVE/list
Log:
some closed bugs have been missed:
CVE-2006-1329: jabberd2 fixed
CVE-2006-1058: busybox fixed
CVE-2006-1664: libxine1 issue not reproducible
CVE-2006-151[678]: mysql, mysql-dfsg-4.1 removed from unstable+testing
Modified: data/CVE/list
==================================================================---
data/CVE/list 2006-06-22 02:27:26 UTC (rev 4279)
+++ data/CVE/list 2006-06-22 20:57:33 UTC (rev 4280)
@@ -3364,7 +3364,8 @@
CVE-2006-1665 (Multiple cross-site scripting (XSS) vulnerabilities in Arab
Portal ...)
NOT-FOR-US: Arab Portal
CVE-2006-1664 (Buffer overflow in xine_list_delete_current in libxine 1.14 and
...)
- - libxine1 <unfixed> (bug #363127; medium)
+ - libxine1 <not-affected> (not reproducible with Debian version)
+ NOTE: see bug #363127
CVE-2006-1663
REJECTED
CVE-2006-1662 (The frontpage option in Limbo CMS 1.0.4.2 and 1.0.4.1 allows
remote ...)
@@ -3767,21 +3768,21 @@
CVE-2006-1518 (Buffer overflow in the open_table function in sql_base.cc in
MySQL ...)
{DSA-1079-1 DSA-1073-1 DSA-1071-1}
- mysql-dfsg-5.0 5.0.21-1 (bug #365939; medium)
- - mysql-dfsg-4.1 <unfixed> (bug #365939; medium)
+ - mysql-dfsg-4.1 <removed> (bug #365939; medium)
- mysql-dfsg <removed> (bug #365939; bug #356751; medium)
- - mysql <unfixed> (bug #365939; medium)
+ - mysql <removed> (bug #365939; medium)
CVE-2006-1517 (sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18,
and ...)
{DSA-1079-1 DSA-1073-1 DSA-1071-1}
- mysql-dfsg-5.0 5.0.21-1 (bug #365939; low)
- - mysql-dfsg-4.1 <unfixed> (bug #365939; low)
+ - mysql-dfsg-4.1 <removed> (bug #365939; low)
- mysql-dfsg <removed> (bug #365939; bug #356751; low)
- - mysql <unfixed> (bug #365939; low)
+ - mysql <removed> (bug #365939; low)
CVE-2006-1516 (The check_connection function in sql_parse.cc in MySQL 4.0.x up
to ...)
{DSA-1079-1 DSA-1073-1 DSA-1071-1}
- mysql-dfsg-5.0 5.0.21-1 (bug #365939; low)
- - mysql-dfsg-4.1 <unfixed> (bug #365939; low)
+ - mysql-dfsg-4.1 <removed> (bug #365939; low)
- mysql-dfsg <removed> (bug #365939; bug #356751; low)
- - mysql <unfixed> (bug #365939; low)
+ - mysql <removed> (bug #365939; low)
CVE-2006-1515 (Buffer overflow in the addnewword function in typespeed 0.4.4
and ...)
{DSA-1084-1}
- typespeed 0.4.4-10
@@ -4215,7 +4216,7 @@
CVE-2006-1330 (Multiple SQL injection vulnerabilities in phpWebsite 0.83 and
earlier ...)
NOT-FOR-US: phpWebsite
CVE-2006-1329 (The SASL negotiation in Jabber Studio jabberd before 2.0s11
allows ...)
- - jabberd2 <unfixed> (bug #357874)
+ - jabberd2 2.0s11-1 (bug #357874)
CVE-2006-1328 (SQL injection vulnerability in count.php in Skull-Splitter PHP
...)
NOT-FOR-US: Skull-Splitter PHP
CVE-2006-1327 (SQL injection vulnerability in reg.php in SoftBB 0.1 allows
remote ...)
@@ -4822,7 +4823,7 @@
[woody] - samba <not-affected>
[sarge] - samba <not-affected>
CVE-2006-1058 (BusyBox 1.1.1 does not use a salt when generating passwords,
which ...)
- - busybox <unfixed> (low; bug #360578)
+ - busybox 1:1.1.3-1 (low; bug #360578)
CVE-2006-1057 (Race condition in daemon/slave.c in gdm before 2.14.1 allows
local ...)
{DSA-1040-1}
- gdm 2.14.4-1