Author: jmm-guest Date: 2006-12-26 13:15:46 +0100 (Tue, 26 Dec 2006) New Revision: 5179 Modified: data/CVE/list Log: record correct fix for typo3 moodle already fixed per maintainer dbus issue just an unimportant local annoyance bug gaim-encryption no-dsa Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-12-26 08:14:19 UTC (rev 5178) +++ data/CVE/list 2006-12-26 12:15:46 UTC (rev 5179) @@ -16,7 +16,7 @@ CVE-2006-6691 (Multiple PHP remote file inclusion vulnerabilities in Valdersoft ...) NOT-FOR-US: Valdersoft Shopping Cart CVE-2006-6690 (rtehtmlarea/pi1/class.tx_rtehtmlarea_pi1.php in Typo3 4.0.0 through ...) - - typo3 4.0.4+debian-1 (high; bug #403906) + - typo3 4.0.2+debian-2 (high; bug #403906) NOTE: http://typo3.org/news-single-view/?tx_newsimporter_pi1%5BshowItem%5D=0&cHash=e4a40a11a9 CVE-2006-6689 (Multiple PHP remote file inclusion vulnerabilities in Paristemi 0.8.3 ...) NOT-FOR-US: Paristemi @@ -176,7 +176,7 @@ - moodle 1.6-1 NOTE: Does not affect moodle 1.6 according to SecurityFocus. CVE-2006-6625 (Cross-site scripting (XSS) vulnerability in mod/forum/discuss.php in ...) - - moodle <unfixed> (low) + - moodle 1.6.3-2 (low) NOTE: "SC#341 fixed initilaization of navtail variable" NOTE: http://moodle.cvs.sourceforge.net/moodle/moodle/mod/forum/discuss.php?view=log CVE-2006-6624 (The FTP Server in Sambar Server 6.4 allows remote authenticated users ...) @@ -1363,7 +1363,8 @@ CVE-2006-6108 (Cross-site scripting (XSS) vulnerability in EC-CUBE before 1.0.1a-beta ...) NOT-FOR-US: EC-CUBE CVE-2006-6107 (Unspecified vulnerability in the match_rule_equal function in ...) - - dbus 1.0.2-1 + - dbus 1.0.2-1 (low) + [sarge] - dbus <no-dsa> (Minor issue) CVE-2006-6106 (Multiple buffer overflows in the cmtp_recv_interopmsg function in the ...) - linux-2.6 <unfixed> CVE-2006-6105 (Format string vulnerability in the host chooser window (gdmchooser) in ...) @@ -14466,7 +14467,8 @@ CVE-2005-4694 (Unspecified vulnerability in the www_add method in Asset.pm in Plain ...) - webgui <itp> (bug #139749) CVE-2005-4693 (Gaim-Encryption 2.38-1 on Debian Linux allows remote attackers to ...) - - gaim-encryption 3.0~beta5-3 (bug #337127) + - gaim-encryption 3.0~beta5-3 (log; bug #337127) + [sarge] - gaim-encryption <no-dsa> (Minor issue) CVE-2005-4692 (Unspecified vulnerability in mroovca stats (mroovcastats) before ...) NOT-FOR-US: mroovca CVE-2005-4691 (imake in NetBSD before 2.0.3, NetBSD-current before 12 September 2005, ...)