Author: jmm-guest
Date: 2007-02-28 22:14:22 +0100 (Wed, 28 Feb 2007)
New Revision: 5497
Modified:
data/CVE/list
Log:
record clamav fixes for etch
remove firefox-sage dupe
amarok fix had been updated
no-dsa for minor evolution issue
Modified: data/CVE/list
==================================================================---
data/CVE/list 2007-02-28 20:43:52 UTC (rev 5496)
+++ data/CVE/list 2007-02-28 21:14:22 UTC (rev 5497)
@@ -782,12 +782,17 @@
CVE-2007-0899 [Possible heap overflow in libclamav/fsg.c]
RESERVED
- clamav 0.90-1
+ [etch] - clamav 0.88.7-2
CVE-2007-0898 (Directory traversal vulnerability in clamd in Clam AntiVirus
ClamAV before ...)
- clamav 0.90-1 (bug #411117)
+ [etch] - clamav 0.88.7-2
CVE-2007-0897 (Clam AntiVirus ClamAV before 0.90 does not close open file
descriptors under ...)
- clamav 0.90-1 (bug #411118)
+ [etch] - clamav 0.88.7-2
CVE-2007-0896 (Cross-site scripting (XSS) vulnerability in the (1) Sage before
...)
- firefox-sage 1.3.10-1
+ NOTE: http://secunia.com/advisories/24086/
+ NOTE: might not affect Debian version because HTML mode is disabled. sf:
pinged maintainer
CVE-2007-0451 (Apache SpamAssassin before 3.1.8 allows remote attackers to
cause a ...)
- spamassassin 3.1.7-2 (bug #410843)
NOTE: http://issues.apache.org/SpamAssassin/show_bug.cgi?id=5318
@@ -926,10 +931,6 @@
NOT-FOR-US: GreenBrowser
CVE-2006-6983 (Cross-domain vulnerability in MYweb4net Browser 3.8.8.0 allows
remote ...)
NOT-FOR-US: MYweb4net Browser
-CVE-2007-XXXX [Firefox-sage XSS]
- - firefox-sage <unfixed>
- NOTE: http://secunia.com/advisories/24086/
- NOTE: might not affect Debian version because HTML mode is disabled. sf:
pinged maintainer
CVE-2007-XXXX [php: multiple issues fixed in php 5.2.1]
- php4 <unfixed>
- php5 <unfixed> (bug #410561; bug #410995)
@@ -1174,7 +1175,7 @@
CVE-2006-6981 (3proxy 0.5 to 0.5.2, when NT-encoded passwords are being used,
allows ...)
NOT-FOR-US: 3proxy
CVE-2006-6980 (The magnatune.com album browser in Amarok allows attackers to
cause a ...)
- - amarok 1.4.4-3 (bug #410850; low)
+ - amarok 1.4.4-4 (bug #410850; low)
CVE-2006-6979 (The ruby handlers in Amarok do not properly quote text in
certain ...)
- amarok 1.4.4-1 (bug #410850; low)
CVE-2006-6978 (Cross-site scripting (XSS) vulnerability in the "Basic
Toolbar ...)
@@ -19520,6 +19521,7 @@
RESERVED
CVE-2006-0040 (GNOME Evolution 2.4.2.1 and earlier allows remote attackers to
cause a ...)
- evolution <unfixed> (bug #398064; low)
+ [etch] - evolution <no-dsa> (Minor issue)
[sarge] - evolution <not-affected> (Not reproducable on Sarge)
CVE-2006-0039 (Race condition in the do_add_counters function in netfilter for
Linux ...)
{DSA-1103 DSA-1097-1}