Author: micah
Date: 2006-02-19 19:09:29 +0000 (Sun, 19 Feb 2006)
New Revision: 3510
Modified:
data/CVE/list
Log:
Some NFUs and two libpam-mysql issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-02-19 18:47:30 UTC (rev 3509)
+++ data/CVE/list 2006-02-19 19:09:29 UTC (rev 3510)
@@ -113,7 +113,8 @@
CVE-2006-0682 (Multiple cross-site scripting (XSS) vulnerabilities in bbcodes
system ...)
NOT-FOR-US: e107
CVE-2006-0681 (Format string vulnerability in powerd.c in Power Daemon
(powerd) 2.0.2 ...)
- TODO: check
+ NOT-FOR-US: powerd
+ NOTE: powerd supposedly normally comes with sysvinit, but not in debian
CVE-2006-0680 (Unspecified vulnerability in WebGUI before 6.8.6-gamma allows
remote ...)
NOT-FOR-US: WebGUI
CVE-2006-0679
@@ -218,7 +219,7 @@
CVE-2005-4714 (Format string vulnerability in the vmps_log function in
OpenVMPS (VLAN ...)
NOT-FOR-US: OpenVMPS
CVE-2005-4713 (Unspecified vulnerability in the SQL logging facility in
PAM-MySQL ...)
- TODO: check
+ - libpam-mysql <unfixed> (bug #353589; high)
CVE-2005-4712 (CRLF injection vulnerability in process_signup.php in PHP
Handicapper ...)
NOT-FOR-US: Handicapper
CVE-2006-XXXX [imagemagick's display(1) deletes arbitrary files]
@@ -1780,7 +1781,7 @@
CVE-2006-0057 (Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote
attackers ...)
NOT-FOR-US: Windows
CVE-2006-0056 (Double-free vulnerability in the authentication and
authentication ...)
- TODO: check
+ - libpam-mysql <unfixed> (bug #353589; high)
CVE-2006-0055 (The ispell_op function in ee on FreeBSD 4.10 to 6.0 uses
predictable ...)
- ee <unfixed> (bug #348322)
NOTE: Sarge and Woody are affected
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
