Author: jmm
Date: 2012-03-07 18:20:27 +0000 (Wed, 07 Mar 2012)
New Revision: 18615
Modified:
data/CVE/list
Log:
record tremulus/quake 3 fixes
Modified: data/CVE/list
==================================================================---
data/CVE/list 2012-03-07 18:06:12 UTC (rev 18614)
+++ data/CVE/list 2012-03-07 18:20:27 UTC (rev 18615)
@@ -9441,6 +9441,8 @@
NOTE: Current openarena packages use the share ioquake3 engine
[squeeze] - openarena <no-dsa> (Minor issue, will be fixed in point
update)
- ioquake3 1.36+svn1946-4
+ - tremulous 1.1.0-6
+ [squeeze] - tremulous <no-dsa> (Contrib not supported)
CVE-2011-3011 (BaseServiceImpl.class in CA ARCserve D2D r15 does not properly
handle ...)
NOT-FOR-US: CA ARCserve D2D
CVE-2011-3010 (Multiple cross-site scripting (XSS) vulnerabilities in TWiki
before ...)
@@ -10368,6 +10370,8 @@
NOTE: Current openarena packages use the share ioquake3 engine
[squeeze] - openarena 0.8.5-5+squeeze1
- ioquake3 1.36+svn1946-4
+ - tremulous 1.1.0-6
+ [squeeze] - tremulous <no-dsa> (Contrib not supported)
CVE-2011-2763 (The web interface on the LifeSize Room appliance LS_RM1_3.5.3
(11) and ...)
NOT-FOR-US: LifeSize Room appliance
CVE-2011-2762 (The web interface on the LifeSize Room appliance LS_RM1_3.5.3
(11) ...)
@@ -87471,9 +87475,13 @@
CVE-2006-3326 (Directory traversal vulnerability in QuickZip 3.06.3 allows
remote ...)
NOT-FOR-US: QuickZip
CVE-2006-3325 (client/cl_parse.c in the id3 Quake 3 Engine 1.32c and the
Icculus ...)
- NOT-FOR-US: Quake 3
+ - ioquake3 1.36+svn1788j-1
+ - tremulous 1.1.0-6
+ [squeeze] - tremulous <no-dsa> (Contrib not supported)
CVE-2006-3324 (The Automatic Downloading option in the id3 Quake 3 Engine and
the ...)
- NOT-FOR-US: Quake 3
+ - ioquake3 1.36+svn1788j-1
+ - tremulous 1.1.0-6
+ [squeeze] - tremulous <no-dsa> (Contrib not supported)
CVE-2006-3323 (PHP remote file inclusion vulnerability in admin/admin.php in MF
...)
NOT-FOR-US: MF Piadas
CVE-2006-3322 (SQL injection vulnerability in includes/functions_logging.php in
...)
@@ -88451,7 +88459,7 @@
CVE-2006-2876 (Cross-site scripting (XSS) vulnerability in cat.php in PHP Pro
Publish ...)
NOT-FOR-US: PHP Pro Publish
CVE-2006-2875 (Stack-based buffer overflow in the CL_ParseDownload function of
Quake ...)
- - tremulous <unfixed> (bug #660830)
+ - tremulous 1.1.0-6 (bug #660827)
[squeeze] - tremulous <no-dsa> (Contrib not supported)
- ioquake3 1.36+svn1788j-1
CVE-2006-2874 (Unspecified vulnerability in OSADS Alliance Database before 1.4
has ...)
@@ -89971,7 +89979,7 @@
{DSA-1058-1}
- awstats 6.5-2 (bug #365909; bug #365910; medium)
CVE-2006-2236 (Buffer overflow in the Quake 3 Engine, as used by (1) ET 2.60,
(2) ...)
- - tremulous <unfixed> (bug #660827)
+ - tremulous 1.1.0-6 (bug #660827)
[squeeze] - tremulous <no-dsa> (Contrib not supported)
- ioquake3 1.36+svn1788j-1
CVE-2006-2235 (CodeMunkyX (aka free-php.net) Simple Poll 1.0, when
authentication is ...)
@@ -90330,7 +90338,9 @@
[sarge] - rsync <not-affected> (xattr patch appeared in 2.6.7)
[woody] - rsync <not-affected> (xattr patch appeared in 2.6.7)
CVE-2006-2082 (Directory traversal vulnerability in Quake 3 engine, as used in
...)
- NOT-FOR-US: Quake 3
+ - ioquake3 1.36+svn1788j-1
+ - tremulous 1.1.0-6
+ [squeeze] - tremulous <no-dsa> (Contrib not supported)
CVE-2006-2081 (Oracle Database Server 10g Release 2 allows local users to
execute ...)
NOT-FOR-US: Oracle
CVE-2006-2080 (SQL injection vulnerability in portfolio_photo_popup.php in
Verosky ...)