Author: jmm-guest
Date: 2006-08-20 11:24:14 +0000 (Sun, 20 Aug 2006)
New Revision: 4605
Modified:
data/CVE/list
Log:
bugnums, not-affected
Modified: data/CVE/list
==================================================================---
data/CVE/list 2006-08-20 09:35:24 UTC (rev 4604)
+++ data/CVE/list 2006-08-20 11:24:14 UTC (rev 4605)
@@ -345,7 +345,7 @@
NOT-FOR-US: Cisco
CVE-2006-4031 (MySQL 4.1 before 4.1.21 and 5.0 before 5.0.24 allows a local
user to ...)
- mysql-dfsg-5.0 5.0.24-1 (bug #382415; low)
- - mysql-dfsg <unfixed> (low)
+ - mysql-dfsg <unfixed> (low) (bug #380271; low)
CVE-2006-4030 (Unspecified vulnerability in the stats module in Gallery
1.5.1-RC2 and ...)
{DSA-1148-1}
- gallery 1.5.3-1
@@ -358,6 +358,7 @@
RESERVED
CVE-2006-XXXX [realtime-lsm-source: wrong permissions might lead to local root]
- realtime-lsm 0.8.7-2 (bug #382161; low)
+ [sarge] - realtime-lsm <not-affected>
NOTE: only to user 1017 or group 1001 and only while root is building the
module
CVE-2006-4026 (PHP remote file inclusion vulnerability in SAPID CMS 123 rc3
allows ...)
NOT-FOR-US: SAPID CMS
@@ -3259,7 +3260,7 @@
CVE-2006-2755 (Cross-site scripting (XSS) vulnerability in index.php in
UBBThreads ...)
NOT-FOR-US: UBBThreads
CVE-2006-2754 (Stack-based buffer overflow in st.c in slurpd for OpenLDAP
before ...)
- - openldap2.3 <unfixed> (unimportant)
+ - openldap2.3 <unfixed> (bug #375494; bug #377047; unimportant)
NOTE: File is only written and read by slurpd, only editable by root
CVE-2006-2752 (The RedCarpet /etc/ximian/rcd.conf configuration file in Novell
Linux ...)
NOT-FOR-US: RedCarpet
@@ -6136,8 +6137,8 @@
CVE-2006-1551 (Eval injection vulnerability in pajax_call_dispatcher.php in
PAJAX ...)
NOT-FOR-US: PAJAX
CVE-2006-1549 (PHP 4.4.2 and 5.1.2 allows local users to cause a crash
(segmentation ...)
- - php4 <unfixed> (bug #361854)
- - php5 5.1.4-0.1 (bug #361917)
+ - php4 <unfixed> (bug #361854, unimportant)
+ - php5 5.1.4-0.1 (bug #361917, unimportant)
NOTE: this is arguably not a security vulnerability.
CVE-2005-4767 (BEA WebLogic Server and WebLogic Express 8.1 SP5 and earlier,
and 7.0 ...)
NOT-FOR-US: BEA WebLogic
@@ -6250,7 +6251,7 @@
CVE-2006-1527 (The SCTP-netfilter code in Linux kernel before 2.6.16.13 allows
remote ...)
- linux-2.6 2.6.16-12 (low)
CVE-2006-1526 (Buffer overflow in the X render (Xrender) extension in X.org X
server ...)
- - xorg-server 1:1.0.2-8
+ - xorg-server 1:1.0.2-8 (bug #378464)
CVE-2006-1525 (ip_route_input in Linux kernel 2.6 before 2.6.16.8 allows local
users ...)
{DSA-1103 DSA-1097-1}
- linux-2.6 2.6.16-9
@@ -7174,7 +7175,7 @@
CVE-2005-4729 (SQL injection vulnerabilitiy in show.php in VBZooM Forum allows
remote ...)
NOT-FOR-US: VBZooM
CVE-2006-XXXX [Directory traversal issue in Namazu2]
- - namazu2 2.0.16-1
+ - namazu2 <not-affected> (Windows-specific issue)
CVE-2006-1166 (Monotone 0.25 and earlier, when a user creates a file in a
directory ...)
- monotone 0.26pre1-0.1 (low)
NOTE: Needs a case-insensitive file system (e.g. VFAT or Samba) on
@@ -28189,7 +28190,7 @@
- perl <not-affected> (Win32 specific)
CVE-2004-0376 (oftpd 0.3.6 and earlier allows remote attackers to cause a
denial of ...)
{DSA-473}
- - oftpd 20040304-1
+ - oftpd 20040304-1 (bug #353882)
CVE-2004-0375 (SYMNDIS.SYS in Symantec Norton Internet Security 2003 and 2004,
Norton ...)
NOT-FOR-US: Symantec Norton Internet Security
CVE-2004-0374 (Interchange before 5.0.1 allows remote attackers to
"expose the ...)