logo       
<prev   next>

r4725 - data/CVE: msg#00070

linux.debian.devel.secure-testing.cvs

Subject: r4725 - data/CVE

Author: stef-guest
Date: 2006-09-13 19:28:55 +0000 (Wed, 13 Sep 2006)
New Revision: 4725

Modified:
data/CVE/list
Log:
- CVE-2006-3739/3740 new libxfont issues fixed
- CVE-2004-1617 lynx fix from DSA uploaded to unstable (are these still
not propagating automatically?)
- CVE-2006-3467 freetype fixed (previous entry was wrong)
- GNUTLS-SA-2006-4 gnutls13 fixed
- CVE-2006-4243 new linux vserver issue fixed


Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-09-13 09:14:40 UTC (rev 4724)
+++ data/CVE/list 2006-09-13 19:28:55 UTC (rev 4725)
@@ -221,7 +221,7 @@
CVE-2006-XXXX [gnutls signature forgery]
NOTE: GNUTLS-SA-2006-4
NOTE: fix for gnutls13 reverted in 1.4.3-2
- - gnutls13 <unfixed> (medium)
+ - gnutls13 1.4.4-1 (medium)
- gnutls12 <unfixed> (medium)
- gnutls11 <unfixed> (medium)
CVE-2006-XXXX [gnutls Adaptive Chosen Ciphertext Attack]
@@ -1059,8 +1059,9 @@
RESERVED
CVE-2006-4244 (Unspecified vulnerability in unspecified versions of
SQL-Ledger, ...)
- sql-ledger 2.6.18-1 (medium; bug #386519)
-CVE-2006-4243
+CVE-2006-4243 [linux vserver priviledge escalation in remount code]
RESERVED
+ - linux-2.6 2.6.17-9
CVE-2006-4242 (PHP remote file inclusion vulnerability in install.jim.php in
the JIM ...)
NOT-FOR-US: JIM component for Joomla or Mambo
CVE-2006-4241 (PHP remote file inclusion vulnerability in
processor/reporter.sql.php ...)
@@ -2236,10 +2237,14 @@
TODO: check
CVE-2006-3741
RESERVED
-CVE-2006-3740
+CVE-2006-3740 [libxfont CID integer overflows: scan_cidfont()]
RESERVED
-CVE-2006-3739
+ - xfree86 <removed>
+ - libxfont 1:1.2.2-1
+CVE-2006-3739 [libxfont CID integer overflows: CIDAFM()]
RESERVED
+ - xfree86 <removed>
+ - libxfont 1:1.2.2-1
CVE-2006-3738
RESERVED
CVE-2006-XXXX [htdig: several unspecified security problems]
@@ -2824,7 +2829,7 @@
CVE-2006-3468 (Linux kernel 2.6.x, when using both NFS and EXT3, allows remote
...)
- linux-2.6 <unfixed>
CVE-2006-3467 (Integer overflow in FreeType before 2.2 allows remote attackers
to ...)
- - freetype 2.2.1-1 (bug #379920; medium)
+ - freetype 2.2.1-5 (bug #379920; medium)
- libxfont 1:1.2.0-2 (medium; bug #383353)
[sarge] - xfree86 <unfixed> (medium)
CVE-2006-3466
@@ -25189,7 +25194,7 @@
NOT-FOR-US: Tonecast
CVE-2004-1617 (Lynx and lynx-ssl allow remote attackers to cause a denial of
service ...)
{DSA-1077-1 DSA-1076-1}
- - lynx 2.8.5-2sarge2 (bug #296340; low)
+ - lynx 2.8.5-2sarge1.2 (bug #296340; low)
- lynx-cur 2.8.6-6 (low)
- lynx-ssl <removed>
CVE-2004-1616 (Links allows remote attackers to cause a denial of service
(memory ...)
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  r4724 - data/CVE, Joey Hess
Next by Date:  Processing r4725 failed, secure-testing
Previous by Thread:  r4724 - data/CVE, Joey Hess
Next by Thread:  Processing r4725 failed, secure-testing
Indexes:  [Date] [Thread] [Top] [All Lists]

Google Custom Search
News | FAQ | advertise