NFUs; add the old CVE id to DSA/DTSA reference as the default was changed as well

git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@10862 e39458fd-73e7-0310-bf30-c45bca0a0e42

3 files changed, 20 insertions, 20 deletions

diff --git a/data/CVE/list b/data/CVE/list
index 92c9a99b3f..afce4ac360 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -17,47 +17,47 @@ CVE-2008-5830
 CVE-2008-5829
 	RESERVED
 CVE-2008-5828 (Microsoft Windows Live Messenger Client 8.5.1 and earlier, when MSN ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2008-5827 (The Nokia 6131 Near Field Communication (NFC) phone with 05.12 ...)
-	TODO: check
+	NOT-FOR-US: Nokia Firmware
 CVE-2008-5826 (The Nokia 6131 Near Field Communication (NFC) phone with 05.12 ...)
-	TODO: check
+	NOT-FOR-US: Nokia Firmware
 CVE-2008-5825 (The SmartPoster implementation on the Nokia 6131 Near Field ...)
-	TODO: check
+	NOT-FOR-US: Nokia Firmware
 CVE-2008-5823 (An ActiveX control in prtstb06.dll in Microsoft Money 2006, when used ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Money
 CVE-2008-5822 (Memory leak in Libxul, as used in Mozilla Firefox 3.0.5 and other ...)
 	TODO: check
 CVE-2008-5821 (Memory leak in WebKit.dll in WebKit, as used by Apple Safari 3.2 on ...)
 	TODO: check
 CVE-2008-5820 (SQL injection vulnerability in eDNews_view.php in eDreamers eDNews 2 ...)
-	TODO: check
+	NOT-FOR-US: eDreamers eDNews
 CVE-2008-5819 (Directory traversal vulnerability in eDNews_archive.php in eDreamers ...)
-	TODO: check
+	NOT-FOR-US: eDreamers eDNews
 CVE-2008-5818 (Directory traversal vulnerability in index.php in eDreamers ...)
-	TODO: check
+	NOT-FOR-US: eDreamers eDNews
 CVE-2008-5817 (Multiple SQL injection vulnerabilities in index.php in Web Scribble ...)
-	TODO: check
+	NOT-FOR-US: Web Scribble Solutions webClassifieds
 CVE-2008-5816 (SQL injection vulnerability in repository.php in ILIAS 3.7.4 and ...)
-	TODO: check
+	NOT-FOR-US: ILIAS
 CVE-2008-5815 (SQL injection vulnerability in Acomment.php in phpAlumni allows remote ...)
-	TODO: check
+	NOT-FOR-US: phpAlumni
 CVE-2008-5814 (Cross-site scripting (XSS) vulnerability in PHP, possibly 5.2.7 and ...)
 	TODO: check
 CVE-2008-5813 (SQL injection vulnerability in inc/rubriques.php in SPIP 1.8 before ...)
-	TODO: check
+	NOT-FOR-US: SPIP
 CVE-2008-5812 (Multiple unspecified vulnerabilities in SPIP 1.8 before 1.8.3b, 1.9 ...)
-	TODO: check
+	NOT-FOR-US: SPIP
 CVE-2008-5811 (SQL injection vulnerability in the PaxGallery (com_paxgallery) ...)
-	TODO: check
+	NOT-FOR-US: joomla
 CVE-2008-5810 (WBPublish (aka WBPublish.exe) in Fujitsu-Siemens WebTransactions 7.0, ...)
-	TODO: check
+	NOT-FOR-US: Fujitsu-Siemens WebTransactions
 CVE-2008-5809 (futomi CGI Cafe Access Analyzer CGI Standard 4.0.1 and earlier and ...)
-	TODO: check
+	NOT-FOR-US: futomi CGI Cafe Access Analyzer CGI Standard
 CVE-2008-5808 (Cross-site scripting (XSS) vulnerability in Six Apart Movable Type ...)
-	TODO: check
+	NOT-FOR-US: Six Apart Movable Type Enterprise
 CVE-2006-7236 (The default configuration of xterm on Debian GNU/Linux sid and ...)
-	TODO: check
+	- xterm 238-1 (medium; bug #510030)
 CVE-2008-5807 (Multiple cross-site scripting (XSS) vulnerabilities in TestLink before ...)
 	NOT-FOR-US: TestLink
 CVE-2008-5806 (SQL injection vulnerability in login.php in DeltaScripts PHP ...)
diff --git a/data/DSA/list b/data/DSA/list
index 0230ccbd24..f4e757e8f8 100644
--- a/data/DSA/list
+++ b/data/DSA/list
@@ -3,7 +3,7 @@
 	[etch] - ruby1.9 1.9.0+20060609-1etch4
 	[etch] - ruby1.8 1.8.5-4etch4
 [02 Jan 2009] DSA-1694-1 xterm - remote code execution
-	{CVE-2008-2383}
+	{CVE-2008-2383 CVE-2006-7236}
 	[etch] - xterm 222-1etch3
 [27 Dec 2008] DSA-1693-1 phppgadmin - several vulnerabilities
 	{CVE-2007-2865 CVE-2007-5728 CVE-2008-5587}
diff --git a/data/DTSA/list b/data/DTSA/list
index 8282bf84d9..8f6c6b4bfc 100644
--- a/data/DTSA/list
+++ b/data/DTSA/list
@@ -543,5 +543,5 @@
 	[lenny] - uw-imap 2007b~dfsg-4+lenny3
 	NOTE: regression fix for DTSA-174-1 + additional patch
 [January 05th, 2009] DTSA-182-1 xterm - remote code execution
-	{CVE-2008-2383}
+	{CVE-2008-2383 CVE-2006-7236}
 	[lenny] - xterm 235-2