stef-guest at alioth.debian.org
2007-Jun-29 16:34 UTC
[Secure-testing-commits] r6075 - bin data/CVE website
Author: stef-guest
Date: 2007-06-29 16:34:06 +0000 (Fri, 29 Jun 2007)
New Revision: 6075
Modified:
bin/updatehtmllist
data/CVE/list
website/list.html
website/style.css
Log:
krb5 fixed
Modified: bin/updatehtmllist
==================================================================---
bin/updatehtmllist 2007-06-28 23:18:08 UTC (rev 6074)
+++ bin/updatehtmllist 2007-06-29 16:34:06 UTC (rev 6075)
@@ -23,7 +23,7 @@
}
close HEAD;
-print OUT "<dl>\n";
+print OUT "<table class=''.list''>\n";
my $pack = 0;
my $date = "";
@@ -31,31 +31,26 @@
my $package = "";
my $desc = "";
open (LIST, at ARGV[0]) || die("Could not open list ". at
ARGV[0].": $!");
-while(<LIST>) {
- $line = $_ ;
- if ($line=~/^(\[.+\]) (DTSA-[0-9]+-[0-9]+) ([^ ].+) - (.+)$/) {
- if ($pack == 1) {
- # print the previous acvisory, as it wasn''t unreleased
- print OUT "<dt>$date <a
href=''DTSA/$dtsa.html''>$dtsa
$package</a></dt>\n";
- print OUT "<dd>$desc</dd>\n";
- }
- $date = $1;
- $dtsa = $2;
- $package = $3;
- $desc = $4;
- $pack = 1;
+my @list;
+{
+ local $/="\n\[";
+ @list = reverse <LIST>;
+}
+close LIST;
+
+foreach my $entry (@list) {
+ next if $entry =~ /TODO: unreleased/;
+ if ($entry=~/^\[?(.+)\] (DTSA-[0-9]+-[0-9]+) ([^ ].+) - (.+)$/m) {
+ print OUT htmlentry($1, $2, $3, $4);
}
- if ($line=~/TODO: unreleased$/) {
- $pack = 0;
+ else {
+ print STDERR "invalid entry:\n$entry";
}
}
-if ($pack == 1) {
- # print the previous acvisory, as it wasn''t unreleased
- print OUT "<dt>$date <a
href=''DTSA/$dtsa.html''>$dtsa
$package</a></dt>\n";
- print OUT "<dd>$desc</dd>\n";
-}
-print OUT "</dl>\n";
+print OUT "</table>\n";
+
+
open (FOOT,"footer.html") || die("Could not open footer.html:
$!"); ;
while(<FOOT>) {
$line = $_ ;
@@ -68,3 +63,14 @@
rename("$output.tmp.$$", $output) || die "rename: $!";
}
+
+
+sub htmlentry {
+ my ($date, $dtsa, $package, $desc) = @_;
+ return << "EOF";
+<tr><td>$date</td><td> <a
href=''DTSA/$dtsa.html''>$dtsa
$package</a></td>\n
+<td>$desc</td></tr>
+EOF
+}
+
+
Modified: data/CVE/list
==================================================================---
data/CVE/list 2007-06-28 23:18:08 UTC (rev 6074)
+++ data/CVE/list 2007-06-29 16:34:06 UTC (rev 6075)
@@ -1490,7 +1490,7 @@
CVE-2007-2799 (Integer overflow in the "file" program 4.20,
when running on 32-bit ...)
- file 4.21-1 (medium)
CVE-2007-2798 (Stack-based buffer overflow in the rename_principal_2_svc
function in ...)
- - krb5 <unfixed> (high; bug #430785)
+ - krb5 1.6.dfsg.1-5 (high; bug #430785)
CVE-2006-7205 (The array_fill function in ext/standard/array.c in PHP 4.4.2 and
5.1.2 ...)
- php4 <unfixed> (unimportant)
- php5 <unfixed> (unimportant)
@@ -2283,9 +2283,9 @@
{DSA-1291-2 DTSA-41-1}
- samba 3.0.25-1
CVE-2007-2443 (Integer signedness error in the gssrpc__svcauth_unix function in
...)
- - krb5 <unfixed> (bug #430787; medium)
+ - krb5 1.6.dfsg.1-5 (bug #430787; medium)
CVE-2007-2442 (The gssrpc__svcauth_gssapi function in the RPC library in MIT
Kerberos ...)
- - krb5 <unfixed> (bug #430787; high)
+ - krb5 1.6.dfsg.1-5 (bug #430787; high)
CVE-2007-2441 (Caucho Resin Professional 3.1.0 and Caucho Resin 3.1.0 and
earlier for ...)
NOT-FOR-US: Caucho Resin Professional
CVE-2007-2440 (Directory traversal vulnerability in Caucho Resin Professional
3.1.0 ...)
Modified: website/list.html
==================================================================---
website/list.html 2007-06-28 23:18:08 UTC (rev 6074)
+++ website/list.html 2007-06-29 16:34:06 UTC (rev 6075)
@@ -36,84 +36,125 @@
</table>
<!-- header -->
-<dl>
-<dt>[August 26th, 2005] <a
href=''DTSA/DTSA-1-1.html''>DTSA-1-1
kismet</a></dt>
-<dd>various</dd>
-<dt>[August 28th, 2005] <a
href=''DTSA/DTSA-2-1.html''>DTSA-2-1
centericq</a></dt>
-<dd>multiple vulnerabilities</dd>
-<dt>[August 28th, 2005] <a
href=''DTSA/DTSA-3-1.html''>DTSA-3-1
clamav</a></dt>
-<dd>denial of service and privilege escalation</dd>
-<dt>[August 28th, 2005] <a
href=''DTSA/DTSA-4-1.html''>DTSA-4-1 ekg</a></dt>
-<dd>multiple vulnerabilities</dd>
-<dt>[August 28th, 2005] <a
href=''DTSA/DTSA-5-1.html''>DTSA-5-1
gaim</a></dt>
-<dd>multiple remote vulnerabilities</dd>
-<dt>[August 28th, 2005] <a
href=''DTSA/DTSA-6-1.html''>DTSA-6-1
cgiwrap</a></dt>
-<dd>multiple vulnerabilities</dd>
-<dt>[August 28th, 2005] <a
href=''DTSA/DTSA-7-1.html''>DTSA-7-1
mozilla</a></dt>
-<dd>frame injection spoofing</dd>
-<dt>[September 1st, 2005] <a
href=''DTSA/DTSA-8-2.html''>DTSA-8-2
mozilla-firefox</a></dt>
-<dd>several vulnerabilities (update)</dd>
-<dt>[August 31st, 2005] <a
href=''DTSA/DTSA-9-1.html''>DTSA-9-1
bluez-utils</a></dt>
-<dd>bad device name escaping</dd>
-<dt>[August 29th, 2005] <a
href=''DTSA/DTSA-10-1.html''>DTSA-10-1
pcre3</a></dt>
-<dd>buffer overflow</dd>
-<dt>[August 29th, 2005] <a
href=''DTSA/DTSA-11-1.html''>DTSA-11-1
maildrop</a></dt>
-<dd>local privilege escalation</dd>
-<dt>[September 8th, 2005] <a
href=''DTSA/DTSA-12-1.html''>DTSA-12-1
vim</a></dt>
-<dd>modeline exploits</dd>
-<dt>[September 8th, 2005] <a
href=''DTSA/DTSA-13-1.html''>DTSA-13-1
evolution</a></dt>
-<dd>format string vulnerabilities</dd>
-<dt>[September 13th, 2005] <a
href=''DTSA/DTSA-14-1.html''>DTSA-14-1
mozilla</a></dt>
-<dd>several</dd>
-<dt>[September 13th, 2005] <a
href=''DTSA/DTSA-15-1.html''>DTSA-15-1
php4</a></dt>
-<dd>several vulnerabilities</dd>
-<dt>[September 15th, 2005] <a
href=''DTSA/DTSA-16-1.html''>DTSA-16-1
linux-2.6</a></dt>
-<dd>various</dd>
-<dt>[September 15th, 2005] <a
href=''DTSA/DTSA-17-1.html''>DTSA-17-1
lm-sensors</a></dt>
-<dd>insecure temporary file</dd>
-<dt>[September 22nd, 2005] <a
href=''DTSA/DTSA-19-1.html''>DTSA-19-1
clamav</a></dt>
-<dd>buffer overflow and infinate loop problems</dd>
-<dt>[October 13th, 2005] <a
href=''DTSA/DTSA-20-1.html''>DTSA-20-1
mailutils</a></dt>
-<dd>Format string vulnerability</dd>
-<dt>[November 3rd, 2005] <a
href=''DTSA/DTSA-21-1.html''>DTSA-21-1
clamav</a></dt>
-<dd>Denial of service vulnerabilities and buffer overflow</dd>
-<dt>[December 5th, 2005] <a
href=''DTSA/DTSA-22-1.html''>DTSA-22-1
uim</a></dt>
-<dd>local privilege escalation</dd>
-<dt>[December 5th, 2005] <a
href=''DTSA/DTSA-23-1.html''>DTSA-23-1
centericq</a></dt>
-<dd>buffer overflow</dd>
-<dt>[December 5th, 2005] <a
href=''DTSA/DTSA-24-1.html''>DTSA-24-1
inkscape</a></dt>
-<dd>buffer overflow</dd>
-<dt>[December 5th, 2005] <a
href=''DTSA/DTSA-25-1.html''>DTSA-25-1
smb4k</a></dt>
-<dd>access validation error</dd>
-<dt>[December 5th, 2005] <a
href=''DTSA/DTSA-26-1.html''>DTSA-26-1
trackballs</a></dt>
-<dd>symlink attack</dd>
-<dt>[January 20th, 2006] <a
href=''DTSA/DTSA-27-1.html''>DTSA-27-1
fuse</a></dt>
-<dd>potential data corruption when installed seduid root</dd>
-<dt>[January 25th, 2005] <a
href=''DTSA/DTSA-28-1.html''>DTSA-28-1
gpdf</a></dt>
-<dd>multiple vulnerabilities</dd>
-<dt>[June 15th, 2006] <a
href=''DTSA/DTSA-29-1.html''>DTSA-29-1
blender</a></dt>
-<dd>heap-based buffer overflow</dd>
-<dt>[September 27th, 2006] <a
href=''DTSA/DTSA-31-1.html''>DTSA-31-1
hyperestraier</a></dt>
-<dd>cross-site request forgery (CSRF) vulnerability</dd>
-<dt>[February 1st, 2007] <a
href=''DTSA/DTSA-32-1.html''>DTSA-32-1
bcfg2</a></dt>
-<dd>programming error</dd>
-<dt>[February 12th, 2007] <a
href=''DTSA/DTSA-33-1.html''>DTSA-33-1
wordpress</a></dt>
-<dd>multiple vulnerabilities</dd>
-<dt>[March 3rd, 2007] <a
href=''DTSA/DTSA-34-1.html''>DTSA-34-1
wordpress</a></dt>
-<dd>cross-site scripting</dd>
-<dt>[May 22th, 2007] <a
href=''DTSA/DTSA-35-1.html''>DTSA-35-1
aircrack-ng</a></dt>
-<dd>programming error</dd>
-<dt>[May 22th, 2007] <a
href=''DTSA/DTSA-36-1.html''>DTSA-36-1
mydns</a></dt>
-<dd>multiple buffer overflows</dd>
-<dt>[May 22th, 2007] <a
href=''DTSA/DTSA-37-1.html''>DTSA-37-1
clamav</a></dt>
-<dd>several vulnerabilities</dd>
-<dt>[May 26th, 2007] <a
href=''DTSA/DTSA-38-1.html''>DTSA-38-1
qemu</a></dt>
-<dd>several vulnerabilities</dd>
-<dt>[May 28th, 2007] <a
href=''DTSA/DTSA-39-1.html''>DTSA-39-1
php5</a></dt>
-<dd>several vulnerabilities</dd>
-<dt>[May 28th, 2007] <a
href=''DTSA/DTSA-40-1.html''>DTSA-40-1
php4</a></dt>
-<dd>several vulnerabilities</dd>
-</dl>
+<table class=''.list''>
+<tr><td>May 31th, 2007</td><td> <a
href=''DTSA/DTSA-41-1.html''>DTSA-41-1
samba</a></td>
+
+<td>several vulnerabilities</td></tr>
+<tr><td>May 28th, 2007</td><td> <a
href=''DTSA/DTSA-40-1.html''>DTSA-40-1
php4</a></td>
+
+<td>several vulnerabilities</td></tr>
+<tr><td>May 28th, 2007</td><td> <a
href=''DTSA/DTSA-39-1.html''>DTSA-39-1
php5</a></td>
+
+<td>several vulnerabilities</td></tr>
+<tr><td>May 26th, 2007</td><td> <a
href=''DTSA/DTSA-38-1.html''>DTSA-38-1
qemu</a></td>
+
+<td>several vulnerabilities</td></tr>
+<tr><td>May 22th, 2007</td><td> <a
href=''DTSA/DTSA-37-1.html''>DTSA-37-1
clamav</a></td>
+
+<td>several vulnerabilities</td></tr>
+<tr><td>May 22th, 2007</td><td> <a
href=''DTSA/DTSA-36-1.html''>DTSA-36-1
mydns</a></td>
+
+<td>multiple buffer overflows</td></tr>
+<tr><td>May 22th, 2007</td><td> <a
href=''DTSA/DTSA-35-1.html''>DTSA-35-1
aircrack-ng</a></td>
+
+<td>programming error</td></tr>
+<tr><td>March 3rd, 2007</td><td> <a
href=''DTSA/DTSA-34-1.html''>DTSA-34-1
wordpress</a></td>
+
+<td>cross-site scripting</td></tr>
+<tr><td>February 12th, 2007</td><td> <a
href=''DTSA/DTSA-33-1.html''>DTSA-33-1
wordpress</a></td>
+
+<td>multiple vulnerabilities</td></tr>
+<tr><td>February 1st, 2007</td><td> <a
href=''DTSA/DTSA-32-1.html''>DTSA-32-1
bcfg2</a></td>
+
+<td>programming error</td></tr>
+<tr><td>September 27th, 2006</td><td> <a
href=''DTSA/DTSA-31-1.html''>DTSA-31-1
hyperestraier</a></td>
+
+<td>cross-site request forgery (CSRF) vulnerability</td></tr>
+<tr><td>June 15th, 2006</td><td> <a
href=''DTSA/DTSA-29-1.html''>DTSA-29-1
blender</a></td>
+
+<td>heap-based buffer overflow</td></tr>
+<tr><td>January 25th, 2005</td><td> <a
href=''DTSA/DTSA-28-1.html''>DTSA-28-1
gpdf</a></td>
+
+<td>multiple vulnerabilities</td></tr>
+<tr><td>January 20th, 2006</td><td> <a
href=''DTSA/DTSA-27-1.html''>DTSA-27-1
fuse</a></td>
+
+<td>potential data corruption when installed seduid
root</td></tr>
+<tr><td>December 5th, 2005</td><td> <a
href=''DTSA/DTSA-26-1.html''>DTSA-26-1
trackballs</a></td>
+
+<td>symlink attack</td></tr>
+<tr><td>December 5th, 2005</td><td> <a
href=''DTSA/DTSA-25-1.html''>DTSA-25-1
smb4k</a></td>
+
+<td>access validation error</td></tr>
+<tr><td>December 5th, 2005</td><td> <a
href=''DTSA/DTSA-24-1.html''>DTSA-24-1
inkscape</a></td>
+
+<td>buffer overflow</td></tr>
+<tr><td>December 5th, 2005</td><td> <a
href=''DTSA/DTSA-23-1.html''>DTSA-23-1
centericq</a></td>
+
+<td>buffer overflow</td></tr>
+<tr><td>December 5th, 2005</td><td> <a
href=''DTSA/DTSA-22-1.html''>DTSA-22-1
uim</a></td>
+
+<td>local privilege escalation</td></tr>
+<tr><td>November 3rd, 2005</td><td> <a
href=''DTSA/DTSA-21-1.html''>DTSA-21-1
clamav</a></td>
+
+<td>Denial of service vulnerabilities and buffer
overflow</td></tr>
+<tr><td>October 13th, 2005</td><td> <a
href=''DTSA/DTSA-20-1.html''>DTSA-20-1
mailutils</a></td>
+
+<td>Format string vulnerability</td></tr>
+<tr><td>September 22nd, 2005</td><td> <a
href=''DTSA/DTSA-19-1.html''>DTSA-19-1
clamav</a></td>
+
+<td>buffer overflow and infinate loop problems</td></tr>
+<tr><td>September 15th, 2005</td><td> <a
href=''DTSA/DTSA-17-1.html''>DTSA-17-1
lm-sensors</a></td>
+
+<td>insecure temporary file</td></tr>
+<tr><td>September 15th, 2005</td><td> <a
href=''DTSA/DTSA-16-1.html''>DTSA-16-1
linux-2.6</a></td>
+
+<td>various</td></tr>
+<tr><td>September 13th, 2005</td><td> <a
href=''DTSA/DTSA-15-1.html''>DTSA-15-1
php4</a></td>
+
+<td>several vulnerabilities</td></tr>
+<tr><td>September 13th, 2005</td><td> <a
href=''DTSA/DTSA-14-1.html''>DTSA-14-1
mozilla</a></td>
+
+<td>several</td></tr>
+<tr><td>September 8th, 2005</td><td> <a
href=''DTSA/DTSA-13-1.html''>DTSA-13-1
evolution</a></td>
+
+<td>format string vulnerabilities</td></tr>
+<tr><td>September 8th, 2005</td><td> <a
href=''DTSA/DTSA-12-1.html''>DTSA-12-1
vim</a></td>
+
+<td>modeline exploits</td></tr>
+<tr><td>August 29th, 2005</td><td> <a
href=''DTSA/DTSA-11-1.html''>DTSA-11-1
maildrop</a></td>
+
+<td>local privilege escalation</td></tr>
+<tr><td>August 29th, 2005</td><td> <a
href=''DTSA/DTSA-10-1.html''>DTSA-10-1
pcre3</a></td>
+
+<td>buffer overflow</td></tr>
+<tr><td>August 31st, 2005</td><td> <a
href=''DTSA/DTSA-9-1.html''>DTSA-9-1
bluez-utils</a></td>
+
+<td>bad device name escaping</td></tr>
+<tr><td>September 1st, 2005</td><td> <a
href=''DTSA/DTSA-8-2.html''>DTSA-8-2
mozilla-firefox</a></td>
+
+<td>several vulnerabilities (update)</td></tr>
+<tr><td>August 28th, 2005</td><td> <a
href=''DTSA/DTSA-7-1.html''>DTSA-7-1
mozilla</a></td>
+
+<td>frame injection spoofing</td></tr>
+<tr><td>August 28th, 2005</td><td> <a
href=''DTSA/DTSA-6-1.html''>DTSA-6-1
cgiwrap</a></td>
+
+<td>multiple vulnerabilities</td></tr>
+<tr><td>August 28th, 2005</td><td> <a
href=''DTSA/DTSA-5-1.html''>DTSA-5-1
gaim</a></td>
+
+<td>multiple remote vulnerabilities</td></tr>
+<tr><td>August 28th, 2005</td><td> <a
href=''DTSA/DTSA-4-1.html''>DTSA-4-1 ekg</a></td>
+
+<td>multiple vulnerabilities</td></tr>
+<tr><td>August 28th, 2005</td><td> <a
href=''DTSA/DTSA-3-1.html''>DTSA-3-1
clamav</a></td>
+
+<td>denial of service and privilege escalation</td></tr>
+<tr><td>August 28th, 2005</td><td> <a
href=''DTSA/DTSA-2-1.html''>DTSA-2-1
centericq</a></td>
+
+<td>multiple vulnerabilities</td></tr>
+<tr><td>August 26th, 2005</td><td> <a
href=''DTSA/DTSA-1-1.html''>DTSA-1-1
kismet</a></td>
+
+<td>various</td></tr>
+</table>
<!-- footer -->
<hr>
<a href="http://validator.w3.org/check?uri=referer">
Modified: website/style.css
==================================================================---
website/style.css 2007-06-28 23:18:08 UTC (rev 6074)
+++ website/style.css 2007-06-29 16:34:06 UTC (rev 6075)
@@ -104,6 +104,10 @@
padding-right: 6px;
}
+td.list {
+ border 0px;
+}
+
td {
font-size: 11px;
border: 0px solid #000;