Moritz Muehlenhoff
2007-Feb-11 19:02 UTC
[Secure-testing-commits] r5435 - in data: CVE DSA
Author: jmm-guest
Date: 2007-02-11 19:02:04 +0100 (Sun, 11 Feb 2007)
New Revision: 5435
Modified:
data/CVE/list
data/DSA/list
Log:
new linux-2.6 issue
thunderbird DSA
Modified: data/CVE/list
==================================================================---
data/CVE/list 2007-02-10 00:51:16 UTC (rev 5434)
+++ data/CVE/list 2007-02-11 18:02:04 UTC (rev 5435)
@@ -446,12 +446,11 @@
CVE-2007-0659 (download.php in the MuddyDogPaws FileDownload snippet before 2.5
for ...)
NOT-FOR-US: MODx MuddyDogPaws FileDownload
CVE-2007-0658 (The (1) Textimage 4.7.x before 4.7-1.2 and 5.x before 5.x-1.1
module ...)
- - drupal <not-affected> (Drupal module "Textimage")
+ NOT-FOR-US: Drupal addon module "Textimage"
CVE-2007-0657 (Unspecified vulnerability in Nexuiz 2.2.2 allows remote
attackers to ...)
- nexuiz 2.2.3-1 (medium)
CVE-2007-0656 (PHP remote file inclusion vulnerability in
includes/functions.php in ...)
- - phpbb2 <not-affected>
- NOTE: phpBB2-MODificat it is a module to phpbb2.
+ NOT-FOR-US: phpBB2-MODificat it is a module to phpbb2
CVE-2007-0655
RESERVED
CVE-2007-0654
@@ -712,7 +711,7 @@
CVE-2007-0535 (Multiple eval injection vulnerabilities in Vote! Pro 4.0, and
possibly ...)
NOT-FOR-US: Vote! Pro
CVE-2007-0534 (Multiple cross-site scripting (XSS) vulnerabilities in the (1)
Project ...)
- - drupal <not-affected> (Drupal module "Project")
+ NOT-FOR-US: Drupal module "Project"
CVE-2007-0533 (The AToZed IntraWeb component 8.0 and earlier for Borland Delphi
and ...)
NOT-FOR-US: Borland Delphi
CVE-2007-0532 (Tuan Do Uploader (aka php-uploader) 6 beta 1 stores sensitive
...)
@@ -765,11 +764,11 @@
CVE-2007-0509 (Multiple unspecified vulnerabilities in MaklerPlus before 1.2
have ...)
NOT-FOR-US: MaklerPlus
CVE-2007-0507 (SQL injection vulnerability in the Acidfree module for Drupal
before ...)
- - drupal <not-affected> (Drupal module "Acidfree")
+ NOT-FOR-US: Drupal module "Acidfree"
CVE-2007-0506 (The project_issue_access function in the Project issue tracking
4.7.0 ...)
- - drupal <not-affected> (Drupal module "Project")
+ NOT-FOR-US: Drupal module "Project"
CVE-2007-0505 (Unrestricted file upload vulnerability in the Project issue
tracking ...)
- - drupal <not-affected> (Drupal module "Project")
+ NOT-FOR-US: Drupal module "Project"
CVE-2007-0504 (Eval injection vulnerability in poll_frame.php in Vote! Pro 4.0,
and ...)
NOT-FOR-US: Vote! Pro
CVE-2007-0503 (Unspecified vulnerability in kcms_calibrate in Sun Solaris 8 and
9 ...)
@@ -2574,7 +2573,7 @@
CVE-2007-0007
RESERVED
CVE-2007-0006 (The key serial number collision avoidance code in the
key_alloc_serial ...)
- TODO: check
+ - linux-2.6 <unfixed>
CVE-2007-0005
RESERVED
CVE-2007-0004
Modified: data/DSA/list
==================================================================---
data/DSA/list 2007-02-10 00:51:16 UTC (rev 5434)
+++ data/DSA/list 2007-02-11 18:02:04 UTC (rev 5435)
@@ -1,3 +1,6 @@
+[07 Jan 2007] DSA-1258-1 mozilla-thunderbird
+ {CVE-2006-6497 CVE-2006-6498 CVE-2006-6499 CVE-2006-6501 CVE-2006-6502
CVE-2006-6503}
+ [sarge] - mozilla-thunderbird 1.0.2-2.sarge1.0.8e.2
[05 Feb 2007] DSA-1257 samba
{CVE-2007-0452 CVE-2007-0454}
[sarge] - samba 3.0.14a-3sarge4