Moritz Muehlenhoff
2006-Oct-24 15:58 UTC
[Secure-testing-commits] r4876 - in data: CVE DSA
Author: jmm-guest
Date: 2006-10-24 15:57:41 +0000 (Tue, 24 Oct 2006)
New Revision: 4876
Modified:
data/CVE/list
data/DSA/list
Log:
webmin dsa
old linux-2.6 issue
qt4 fixed
koffice fixed
Modified: data/CVE/list
==================================================================---
data/CVE/list 2006-10-24 09:14:19 UTC (rev 4875)
+++ data/CVE/list 2006-10-24 15:57:41 UTC (rev 4876)
@@ -1340,7 +1340,7 @@
CVE-2006-4820 (Unspecified vulnerability in X.25 on HP-UX B.11.00, B.11.11, and
...)
NOT-FOR-US: HP-UX
CVE-2006-4819 (Heap-based buffer overflow in Opera 9.0 and 9.01 allows remote
...)
- TODO: check
+ NOT-FOR-US: Opera
CVE-2006-4818
RESERVED
CVE-2006-4817
@@ -1352,13 +1352,13 @@
CVE-2006-4814
RESERVED
CVE-2006-4813 (The __block_prepare_write function in fs/buffer.c for Linux
kernel ...)
- TODO: check
+ - linux-2.6 2.6.13-1
CVE-2006-4812 (Integer overflow in PHP 5 up to 5.1.6 and 4 before 4.3.0 allows
remote ...)
- php4 <not-affected>
- php5 <unfixed> (bug #391586)
CVE-2006-4811 (Integer overflow in Qt, as used in the KDE khtml library,
kdelibs ...)
- qt-x11-free 3:3.3.7-1 (bug #394192; bug #394313)
- - qt4-x11 <unfixed> (bug #394192)
+ - qt4-x11 4.2.1-1 (bug #394192)
CVE-2006-4810
RESERVED
CVE-2006-4809
@@ -2424,7 +2424,7 @@
- openssl097 0.9.7k-2
- openssl096 <removed>
CVE-2006-4342 (The kernel in Red Hat Enterprise Linux 3, when running on SMP
systems, ...)
- TODO: check
+ - linux-2.6 <not-affected> (Flaw specific to Red Hat backport)
CVE-2006-4341
REJECTED
CVE-2006-4340 (Mozilla Network Security Service (NSS) library before 3.11.3, as
used ...)
@@ -2885,7 +2885,6 @@
CVE-2006-4146 (Buffer overflow in the (1) DWARF (dwarfread.c) and DWARF2 ...)
- gdb <unfixed> (unimportant)
NOTE: Every sensible use of gdb involves executing the debugged binary
- TODO: file bug
CVE-2006-4145 (The Universal Disk Format (UDF) filesystem driver in Linux
kernel ...)
- linux-2.6 2.6.17-7
CVE-2006-4143 (Netgear FVG318 running firmware 1.0.40 allows remote attackers
to ...)
@@ -12044,7 +12043,7 @@
- kdegraphics 4:3.5.1-2 (medium)
- gpdf 2.10.0-3 (medium)
- xpdf 3.01-6 (bug #350785; bug #350783; medium)
- - koffice <unfixed> (medium)
+ - koffice 1.5.0-1 (medium)
- libextractor 0.5.10-1 (medium)
- pdfkit.framework 0.8-4 (medium)
CVE-2006-0300 (Buffer overflow in tar 1.14 through 1.15.90 allows user-assisted
...)
Modified: data/DSA/list
==================================================================---
data/DSA/list 2006-10-24 09:14:19 UTC (rev 4875)
+++ data/DSA/list 2006-10-24 15:57:41 UTC (rev 4876)
@@ -1,3 +1,6 @@
+[23 Oct 2006] DSA-1199-1 webmin
+ {CVE-2005-3912 CVE-2006-3392 CVE-2006-4542}
+ [sarge] - webmin 1.180-3sarge1
[23 Oct 2006] DSA-1198-1 python2.3
{CVE-2006-4980}
[sarge] - python2.3 2.3.5-3sarge2