Author: jmm-guest Date: 2007-03-03 19:51:30 +0000 (Sat, 03 Mar 2007) New Revision: 5500 Modified: data/CVE/list Log: typo3 dupe openser fixed in etch no-dsa for libgd2 Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-03-03 10:53:39 UTC (rev 5499) +++ data/CVE/list 2007-03-03 19:51:30 UTC (rev 5500) @@ -409,8 +409,6 @@ CVE-2007-XXXX [apg generates insecure passwords on 64-bit architectures] - apg <unfixed> (bug #412618) NOTE: This is not reproducible after a recompile on amd64. -CVE-2007-XXXX [TYPO3 Security Bulletin TYPO3-20070221-1: Email header injection] - - typo3-src 4.0.5+debian-1 CVE-2007-XXXX [mt-daapd remote access & default password] - mt-daapd <unfixed> (unimportant; bug #404640) NOTE: User-unfriendly packaging flaw, but not a vulnerability per se @@ -1926,6 +1924,8 @@ [sarge] - ethereal <not-affected> (Vulnerable code not present) CVE-2007-0455 (Buffer overflow in the gdImageStringFTEx function in gdft.c in GD ...) - libgd2 <unfixed> (bug #408982; low) + [sarge] - libgd2 <no-dsa> (Minor issue, hardly exploitable) + [etch] - libgd2 <no-dsa> (Minor issue, hardly exploitable) CVE-2007-0454 (Format string vulnerability in the afsacl.so VFS module in Samba 3.0.6 ...) {DSA-1257} - samba 3.0.23d-5 (medium) @@ -2981,9 +2981,11 @@ NOT-FOR-US: Matteo Lucarelli 3editor CVE-2006-6876 (The fetchsms function in the SMS handling module (libsms_getsms.c) in ...) - openser 1.1.1-1 (medium) + [etch] - openser 1.1.0-9etch1 NOTE: http://www.openser.org/pub/openser/1.1.1/ChangeLog CVE-2006-6875 (Buffer overflow in the validateospheader function in the Open ...) - openser 1.1.1-1 (medium) + [etch] - openser 1.1.0-9etch1 NOTE: http://www.openser.org/pub/openser/1.1.1/ChangeLog CVE-2006-6874 (Multiple cross-site scripting (XSS) vulnerabilities in friend.php in ...) NOT-FOR-US: eNdonesia CMS
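Review bot: In the first hunk (@@ -409,8 +409,6 @@), the removed TYPO3-20070221-1 entry is the one that carries the fixed version `typo3-src 4.0.5+debian-1`, and the log says only "typo3 dupe" without naming the entry that is kept. Please name the surviving entry in the log message and confirm that it records the same fixed version and bulletin reference, so the 4.0.5+debian-1 fix does not drop out of the tracker.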
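Review bot: In the CVE-2007-0455 hunk (@@ -1926,6 +1924,8 @@), the two added `<no-dsa>` lines give "Minor issue, hardly exploitable" as the entire justification for a buffer overflow in gdImageStringFTEx, while the unstable line above them stays `<unfixed>`. Add a NOTE line under the entry stating what makes the overflow hard to exploit, so the sarge and etch decision can be re-checked later against bug #408982.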
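Review bot: In the openser hunk (@@ -2981,9 +2981,11 @@), the added `[etch] - openser 1.1.0-9etch1` lines under CVE-2006-6876 and CVE-2006-6875 have no supporting reference: the only NOTE in each entry points at the upstream 1.1.1 ChangeLog, which covers the unstable version and not the etch one. Add a NOTE saying where the 1.1.0-9etch1 fix is documented, and confirm that this upload covers both the fetchsms and the validateospheader issues, since the same version is recorded for each.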