Author: stef-guest
Date: 2006-09-13 19:28:55 +0000 (Wed, 13 Sep 2006)
New Revision: 4725

Modified:
   data/CVE/list
Log:
- CVE-2006-3739/3740 new libxfont issues fixed
- CVE-2004-1617 lynx fix from DSA uploaded to unstable (are these still
  not propagating automatically?)
- CVE-2006-3467 freetype fixed (previous entry was wrong)
- GNUTLS-SA-2006-4 gnutls13 fixed
- CVE-2006-4243 new linux vserver issue fixed


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2006-09-13 09:14:40 UTC (rev 4724)
+++ data/CVE/list       2006-09-13 19:28:55 UTC (rev 4725)
@@ -221,7 +221,7 @@
 CVE-2006-XXXX [gnutls signature forgery]
        NOTE: GNUTLS-SA-2006-4
        NOTE: fix for gnutls13 reverted in 1.4.3-2
-       - gnutls13 <unfixed> (medium)
+       - gnutls13 1.4.4-1 (medium)
        - gnutls12 <unfixed> (medium)
        - gnutls11 <unfixed> (medium)
 CVE-2006-XXXX [gnutls Adaptive Chosen Ciphertext Attack]
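Review bot: The retained line "NOTE: fix for gnutls13 reverted in 1.4.3-2" now sits directly above a fixed version of 1.4.4-1, and nothing in the entry says the fix was applied again in that upload. Add a NOTE stating that 1.4.4-1 carries the fix, so a reader does not take the revert note as still current. gnutls12 and gnutls11 remain <unfixed> with no bug numbers; recording bug references on those two lines would make the outstanding work trackable.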
@@ -1059,8 +1059,9 @@
        RESERVED
 CVE-2006-4244 (Unspecified vulnerability in unspecified versions of 
SQL-Ledger, ...)
        - sql-ledger 2.6.18-1 (medium; bug #386519)
-CVE-2006-4243
+CVE-2006-4243 [linux vserver priviledge escalation in remount code]
        RESERVED
+       - linux-2.6 2.6.17-9
 CVE-2006-4242 (PHP remote file inclusion vulnerability in install.jim.php in 
the JIM ...)
        NOT-FOR-US: JIM component for Joomla or Mambo
 CVE-2006-4241 (PHP remote file inclusion vulnerability in 
processor/reporter.sql.php ...)
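Review bot: "priviledge" in the new bracketed description on the CVE-2006-4243 line is misspelled and should read "privilege", which matters for anyone searching the list by keyword. The added "- linux-2.6 2.6.17-9" line also carries no urgency and no bug number, unlike the sql-ledger entry just above it ("(medium; bug #386519)"). Since the entry is still RESERVED and the bracketed text is the only description available, add an urgency and a NOTE pointing at the advisory or the fix.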
@@ -2236,10 +2237,14 @@
        TODO: check
 CVE-2006-3741
        RESERVED
-CVE-2006-3740
+CVE-2006-3740 [libxfont CID integer overflows: scan_cidfont()]
        RESERVED
-CVE-2006-3739
+       - xfree86 <removed>
+       - libxfont 1:1.2.2-1
+CVE-2006-3739 [libxfont CID integer overflows: CIDAFM()]
        RESERVED
+       - xfree86 <removed>
+       - libxfont 1:1.2.2-1
 CVE-2006-3738
        RESERVED
 CVE-2006-XXXX [htdig: several unspecified security problems]
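Review bot: Both new entries record "- xfree86 <removed>" with no release-specific line, while the CVE-2006-3467 entry in this same commit tracks "[sarge] - xfree86 <unfixed> (medium)". If the CID font code in sarge's xfree86 is affected, add a matching [sarge] line under CVE-2006-3740 and CVE-2006-3739, or a NOTE saying it is not affected. The two "- libxfont 1:1.2.2-1" lines also lack an urgency.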
@@ -2824,7 +2829,7 @@
 CVE-2006-3468 (Linux kernel 2.6.x, when using both NFS and EXT3, allows remote 
...)
        - linux-2.6 <unfixed>
 CVE-2006-3467 (Integer overflow in FreeType before 2.2 allows remote attackers 
to ...)
-       - freetype 2.2.1-1 (bug #379920; medium)
+       - freetype 2.2.1-5 (bug #379920; medium)
        - libxfont 1:1.2.0-2 (medium; bug #383353)
        [sarge] - xfree86 <unfixed> (medium)
 CVE-2006-3466
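Review bot: The freetype fixed version changes from 2.2.1-1 to 2.2.1-5 with the commit log ("previous entry was wrong") as the only explanation, and that log is not visible to someone reading data/CVE/list. The CVE description on the same entry says "FreeType before 2.2", so 2.2.1-5 will look like a mistake to the next editor. Add a NOTE under CVE-2006-3467 saying why 2.2.1-1 did not contain the fix.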
@@ -25189,7 +25194,7 @@
        NOT-FOR-US: Tonecast
 CVE-2004-1617 (Lynx and lynx-ssl allow remote attackers to cause a denial of 
service ...)
        {DSA-1077-1 DSA-1076-1}
-       - lynx 2.8.5-2sarge2 (bug #296340; low)
+       - lynx 2.8.5-2sarge1.2 (bug #296340; low)
        - lynx-cur 2.8.6-6 (low)
        - lynx-ssl <removed>
 CVE-2004-1616 (Links allows remote attackers to cause a denial of service 
(memory ...)
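Review bot: The replacement version 2.8.5-2sarge1.2 on the lynx line sorts lower than the 2.8.5-2sarge2 it replaces under dpkg version comparison, so this change widens the set of versions treated as fixed, and it puts a sarge-suffixed version on the untagged line. The reason is only in the commit log ("lynx fix from DSA uploaded to unstable"). Add a NOTE to the CVE-2004-1617 entry recording that this is the DSA fix uploaded to unstable, and confirm that 2.8.5-2sarge1.2 is the version actually present there.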


_______________________________________________
Secure-testing-commits mailing list
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
