Author: jmm-guest Date: 2006-08-06 16:44:29 +0000 (Sun, 06 Aug 2006) New Revision: 4510 Modified: data/CVE/list Log: chmlib is affected by older problem libnasl no-dsa checked two evolution problems to not affect Sarge Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-08-06 12:17:37 UTC (rev 4509) +++ data/CVE/list 2006-08-06 16:44:29 UTC (rev 4510) @@ -1761,9 +1761,7 @@ CVE-2006-3179 (Cross-site scripting (XSS) vulnerability in tools_ftp_pwaendern.php in ...) NOT-FOR-US: Confixx Pro CVE-2006-3178 (Directory traversal vulnerability in extract_chmLib example program in ...) - NOTE: not a security bug in the library, but rather in one of the uncompiled - NOTE: sample programs distributed in /usr/share/doc/libchm-dev/examples - - chmlib 0.38-1 (bug #374085; unimportant) + - chmlib 0.38-1 (bug #374085; low) CVE-2006-3177 (PHP remote file inclusion vulnerability in Admin/rtf_parser.php in The ...) NOT-FOR-US: The Bible Portal Project CVE-2006-3176 (SQL injection vulnerability in xarancms_haupt.php in xarancms 2.0 ...) @@ -2622,6 +2620,7 @@ NOT-FOR-US: Sun StorADE CVE-2006-2789 (Evolution 2.2.x and 2.3.x in GNOME 2.7 and 2.8, when "load images if ...) - evolution 2.4.0-1 (low) + [sarge] - evolution <not-affected> (Not reproducible on Sarge''s evolution) NOTE: Verified that the patch has been applied in 2.4.0-1, NOTE: may have been fixed earlier. CVE-2006-2788 (Double-free vulnerability in the getRawDER function for nsIX509Cert in ...) @@ -4237,6 +4236,7 @@ NOT-FOR-US: Microsoft Internet Explorer CVE-2006-2093 (Nessus before 2.2.8, and 3.x before 3.0.3, allows user-complicit ...) - libnasl 2.2.8-1 (bug #365898; low) + [sarge] - libnasl <no-dsa> (Hardly exploitable, see #365898) CVE-2006-2092 (Unspecified vulnerability in HP StorageWorks Secure Path for Windows ...) NOT-FOR-US: HP CVE-2006-2091 (admin.php in Virtual War (VWar) 1.5 and versions before 1.2 allows ...) 
@@ -9733,6 +9733,7 @@ RESERVED CVE-2006-0040 (GNOME Evolution 2.4.2.1 and earlier allows remote attackers to cause a ...) - evolution <unfixed> + [sarge] - evolution <not-affected> (Not reproducable on Sarge) CVE-2006-0039 (Race condition in the do_add_counters function in netfilter for Linux ...) {DSA-1103 DSA-1097-1} - linux-2.6 2.6.16-14
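Review bot: In the CVE-2006-3178 hunk, the entry moves from `unimportant` to `low` and drops both NOTE lines, so the list no longer records why the issue was first scoped to the uncompiled sample programs in /usr/share/doc/libchm-dev/examples, or what changed that assessment. The log line "chmlib is affected by older problem" is the only rationale and it lives outside the file. Suggest adding a NOTE to the entry that states what makes the package affected, so the severity can be reviewed from data/CVE/list alone.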
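Review bot: In the CVE-2006-2789 hunk, the added `[sarge]` line reads `Sarge''s evolution` with a doubled apostrophe, which looks like a quoting slip and should be a single `'`. The `<not-affected>` status also rests on a failed reproduction, while the NOTE that follows still says the issue "may have been fixed earlier". Consider recording the Sarge package version that was tested, so the conclusion can be re-verified later.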
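Review bot: In the CVE-2006-2093 hunk, the `<no-dsa>` reason "Hardly exploitable, see #365898" repeats the bug number already given on the line above and does not itself say why exploitation is hard. A few words of rationale inside the parentheses (the description on this entry already contains "user-complicit") would let the entry stand on its own when the bug log is not at hand.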
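Review bot: In the CVE-2006-0040 hunk, `reproducable` in the added `[sarge]` line is misspelled; the CVE-2006-2789 entry in this same commit uses `reproducible`, and the two evolution reasons should be worded the same way. The unstable line stays `- evolution <unfixed>` with no bug number or severity, so a Sarge `<not-affected>` based only on non-reproduction would benefit from a NOTE saying what was tested.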