[Secure-testing-commits] r3326 - in data: CVE DSA

Moritz Muehlenhoff Fri, 20 Jan 2006 06:54:23 -0800

Author: jmm-guest
Date: 2006-01-20 14:53:26 +0000 (Fri, 20 Jan 2006)
New Revision: 3326


Modified:
   data/CVE/list
   data/DSA/list
Log:
two new DSAs


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2006-01-20 11:24:15 UTC (rev 3325)
+++ data/CVE/list       2006-01-20 14:53:26 UTC (rev 3326)
@@ -1035,8 +1035,9 @@
        [sarge] - kernel-source-2.4.27 <not-affected> (Vulnerable code not 
present)
 CVE-2006-0035 (The netlink_rcv_skb function in af_netlink.c in Linux kernel 
2.6.15 ...)
        - linux-2.6 <unfixed>
-CVE-2006-0019
+CVE-2006-0019 [kjs heap overflow]
        RESERVED
+       - kdelibs <unfixed> (medium)
 CVE-2005-4474 (Buffer overflow in the &quot;Add to archive&quot; command in 
WinRAR 3.51 allows ...)
        NOT-FOR-US: WinRAR
 CVE-2005-4473 (Unspecified vulnerability in Macromedia JRun 4 web server (JWS) 
allows ...)

Modified: data/DSA/list
===================================================================
--- data/DSA/list       2006-01-20 11:24:15 UTC (rev 3325)
+++ data/DSA/list       2006-01-20 14:53:26 UTC (rev 3326)
@@ -1,3 +1,11 @@
+[20 Jan 2006] DSA-948-1 kdelibs - heap overflow
+        {CVE-2006-0019}
+       [sarge] - kdelibs 3.3.2-6.4
+       NOTE: not fixed in testing at time of DSA (unfixed in sid)
+[20 Jan 2006] DSA-947-1 clamav - heap overflow
+        {CVE-2006-0162}
+       [sarge] - clamav 0.84-2.sarge.7
+       NOTE: fixed in testing at time of DSA
 [20 Jan 2006] DSA-946-1 sudo - missing input sanitising
         {CVE-2005-4158 CVE-2006-0151}
        [woody] - sudo 1.6.6-1.5


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r3326 - in data: CVE DSA

Reply via email to