Author: luk Date: 2012-01-01 10:34:29 +0000 (Sun, 01 Jan 2012) New Revision: 17954 Modified: data/CVE/list Log: Mark some packages as removed, mark some with newly named packages Modified: data/CVE/list ==================================================================--- data/CVE/list 2012-01-01 01:06:25 UTC (rev 17953) +++ data/CVE/list 2012-01-01 10:34:29 UTC (rev 17954) @@ -91670,7 +91670,7 @@ NOT-FOR-US: XOOPS CVE-2006-0197 (The XClientMessageEvent struct used in certain components of X.Org ...) NOTE: exploitability uncertian - - xorg-x11 <unfixed> (bug #349251; low) + - libx11 <unfixed> (bug #349251; low) CVE-2006-0196 (Unspecified vulnerability in Serial line sniffer (aka slsnif) 0.4.4 ...) NOT-FOR-US: slsnif CVE-2006-0195 (Interpretation conflict in the MagicHTML filter in SquirrelMail 1.4.0 ...) @@ -96506,7 +96506,7 @@ CVE-2005-XXXX [rkhunter: Insecure temporary file] - rkhunter 1.2.7-14 (bug #330627; medium) CVE-2005-XXXX [fprobe-ng: Insecure default hash] - - fprobe-ng <unfixed> (bug #322699; low) + - fprobe <unfixed> (bug #322699; low) [sarge] - fprobe-ng <no-dsa> (Hardly exploitable) CVE-2005-3104 (mt-comments.cgi in Movable Type before 3.2 allows attackers to ...) NOT-FOR-US: Movable Type @@ -98582,10 +98582,10 @@ - metamail 2.7-48 (bug #321473; low) [sarge] - metamail <no-dsa> (Hardly exploitable, minor Dos) CVE-2005-XXXX [Insecure usage of temporary files in x11perfcomp and other security issues] - - xfree86 <unfixed> (bug #321447; low) + - xfree86 <removed> (bug #321447; low) [woody] - xfree86 <no-dsa> (Hardly exploitable) [sarge] - xfree86 <no-dsa> (Hardly exploitable) - - xorg-x11 <unfixed> (bug #321447; low) + - x11-apps <unfixed> (bug #321447; low) CVE-2005-XXXX [gs-esp: Insecure usage of /tmp in source code] - ghostscript 8.61.dfsg.1~svn8187-1 (bug #291452; unimportant) NOTE: Not included in the binary package @@ -99150,7 +99150,7 @@ CVE-2004-2240 (Multiple SQL injection vulnerabilities in Phorum 5.0.11 and earlier ...) NOT-FOR-US: Phorum CVE-2004-2239 (Buffer overflow in vsybase.c in vpopmail 5.4.2 and earlier might allow ...) - - vpopmail <unfixed> (bug #320608; low) + - vpopmail <removed> (bug #320608; low) CVE-2005-XXXX [SQL injecton vulnerabilities in vpopmail prior to 5.4.6] NOTE: see http://archives.neohapsis.com/archives/bugtraq/2004-08/0286.html NOTE: maintainer says does not apply to debian, see #320608 @@ -103339,7 +103339,7 @@ CVE-2005-2354 [nvu uses old copy of mozilla xpcom] RESERVED NOTE: have not checked to see which security holes are in it exactly - - nvu <unfixed> (bug #306822; medium) + - nvu <removed> (bug #306822; medium) CVE-2005-2356 RESERVED NOTE: This was assigned to an eskuel non-issue before due to Red Hat typos