Author: stef-guest
Date: 2006-08-15 08:17:24 +0000 (Tue, 15 Aug 2006)
New Revision: 4567
Modified:
data/CVE/list
data/DSA/list
Log:
DSAs 1147, 1148, 1151
Modified: data/CVE/list
==================================================================---
data/CVE/list 2006-08-14 21:00:36 UTC (rev 4566)
+++ data/CVE/list 2006-08-15 08:17:24 UTC (rev 4567)
@@ -92,8 +92,10 @@
CVE-2006-4031 (MySQL 4.1 before 4.1.21 and 5.0 before 5.0.24 allows a local
user to ...)
- mysql-dfsg-5.0 <unfixed> (bug #382415; low)
- mysql-dfsg <unfixed> (low)
-CVE-2006-4030
+CVE-2006-4030 [gallery Missing input sanitising in the stats modules allows
information disclosure]
RESERVED
+ - gallery 1.5.3-1
+ TODO: check gallery2
CVE-2006-4029 (Stack-based buffer overflow in sipd.dll in AGEphone 1.24 and
1.38.1 ...)
NOT-FOR-US: AGEphone
CVE-2006-4028 (Multiple unspecified vulnerabilities in WordPress before 2.0.4
have ...)
Modified: data/DSA/list
==================================================================---
data/DSA/list 2006-08-14 21:00:36 UTC (rev 4566)
+++ data/DSA/list 2006-08-15 08:17:24 UTC (rev 4567)
@@ -1,3 +1,6 @@
+[15 Aug 2006] DSA-1151-1 heartbeat - out-of-bounds read
+ {CVE-2006-3121}
+ [sarge] - heartbeat 1.2.3-9sarge6
[12 Aug 2006] DSA-1150-1 shadow - programming error
{CVE-2006-3378}
[sarge] - shadow 1:4.0.3-31sarge8
@@ -4,6 +7,12 @@
[10 Aug 2006] DSA-1149-1 ncompress - buffer underflow
{CVE-2006-1168}
[sarge] - ncompress 4.2.4-15sarge2
+[09 Aug 2006] DSA-1148-1 gallery - several vulnerabilities
+ {CVE-2005-2734 CVE-2006-0330 CVE-2006-4030}
+ [sarge] - gallery 1.5-1sarge2
+[09 Aug 2006] DSA-1147-1 drupal - missing input sanitising
+ {CVE-2006-4002}
+ [sarge] - drupal 4.5.3-6.1sarge3
[09 Aug 2006] DSA-1146-1 krb5 - programming error
{CVE-2006-3083 CVE-2006-3084}
[sarge] - krb5 1.3.6-2sarge3