From f908cab6fc580e90239b158a5d7398d0f6995e81 Mon Sep 17 00:00:00 2001 From: Steffen Joeris Date: Mon, 5 Jan 2009 21:27:30 +0000 Subject: NFUs; add the old CVE id to DSA/DTSA reference as the default was changed as well git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@10862 e39458fd-73e7-0310-bf30-c45bca0a0e42 --- data/CVE/list | 36 ++++++++++++++++++------------------ data/DSA/list | 2 +- data/DTSA/list | 2 +- 3 files changed, 20 insertions(+), 20 deletions(-) diff --git a/data/CVE/list b/data/CVE/list index 92c9a99b3f..afce4ac360 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -17,47 +17,47 @@ CVE-2008-5830 CVE-2008-5829 RESERVED CVE-2008-5828 (Microsoft Windows Live Messenger Client 8.5.1 and earlier, when MSN ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2008-5827 (The Nokia 6131 Near Field Communication (NFC) phone with 05.12 ...) - TODO: check + NOT-FOR-US: Nokia Firmware CVE-2008-5826 (The Nokia 6131 Near Field Communication (NFC) phone with 05.12 ...) - TODO: check + NOT-FOR-US: Nokia Firmware CVE-2008-5825 (The SmartPoster implementation on the Nokia 6131 Near Field ...) - TODO: check + NOT-FOR-US: Nokia Firmware CVE-2008-5823 (An ActiveX control in prtstb06.dll in Microsoft Money 2006, when used ...) - TODO: check + NOT-FOR-US: Microsoft Money CVE-2008-5822 (Memory leak in Libxul, as used in Mozilla Firefox 3.0.5 and other ...) TODO: check CVE-2008-5821 (Memory leak in WebKit.dll in WebKit, as used by Apple Safari 3.2 on ...) TODO: check CVE-2008-5820 (SQL injection vulnerability in eDNews_view.php in eDreamers eDNews 2 ...) - TODO: check + NOT-FOR-US: eDreamers eDNews CVE-2008-5819 (Directory traversal vulnerability in eDNews_archive.php in eDreamers ...) - TODO: check + NOT-FOR-US: eDreamers eDNews CVE-2008-5818 (Directory traversal vulnerability in index.php in eDreamers ...) - TODO: check + NOT-FOR-US: eDreamers eDNews CVE-2008-5817 (Multiple SQL injection vulnerabilities in index.php in Web Scribble ...) - TODO: check + NOT-FOR-US: Web Scribble Solutions webClassifieds CVE-2008-5816 (SQL injection vulnerability in repository.php in ILIAS 3.7.4 and ...) - TODO: check + NOT-FOR-US: ILIAS CVE-2008-5815 (SQL injection vulnerability in Acomment.php in phpAlumni allows remote ...) - TODO: check + NOT-FOR-US: phpAlumni CVE-2008-5814 (Cross-site scripting (XSS) vulnerability in PHP, possibly 5.2.7 and ...) TODO: check CVE-2008-5813 (SQL injection vulnerability in inc/rubriques.php in SPIP 1.8 before ...) - TODO: check + NOT-FOR-US: SPIP CVE-2008-5812 (Multiple unspecified vulnerabilities in SPIP 1.8 before 1.8.3b, 1.9 ...) - TODO: check + NOT-FOR-US: SPIP CVE-2008-5811 (SQL injection vulnerability in the PaxGallery (com_paxgallery) ...) - TODO: check + NOT-FOR-US: joomla CVE-2008-5810 (WBPublish (aka WBPublish.exe) in Fujitsu-Siemens WebTransactions 7.0, ...) - TODO: check + NOT-FOR-US: Fujitsu-Siemens WebTransactions CVE-2008-5809 (futomi CGI Cafe Access Analyzer CGI Standard 4.0.1 and earlier and ...) - TODO: check + NOT-FOR-US: futomi CGI Cafe Access Analyzer CGI Standard CVE-2008-5808 (Cross-site scripting (XSS) vulnerability in Six Apart Movable Type ...) - TODO: check + NOT-FOR-US: Six Apart Movable Type Enterprise CVE-2006-7236 (The default configuration of xterm on Debian GNU/Linux sid and ...) - TODO: check + - xterm 238-1 (medium; bug #510030) CVE-2008-5807 (Multiple cross-site scripting (XSS) vulnerabilities in TestLink before ...) NOT-FOR-US: TestLink CVE-2008-5806 (SQL injection vulnerability in login.php in DeltaScripts PHP ...) diff --git a/data/DSA/list b/data/DSA/list index 0230ccbd24..f4e757e8f8 100644 --- a/data/DSA/list +++ b/data/DSA/list @@ -3,7 +3,7 @@ [etch] - ruby1.9 1.9.0+20060609-1etch4 [etch] - ruby1.8 1.8.5-4etch4 [02 Jan 2009] DSA-1694-1 xterm - remote code execution - {CVE-2008-2383} + {CVE-2008-2383 CVE-2006-7236} [etch] - xterm 222-1etch3 [27 Dec 2008] DSA-1693-1 phppgadmin - several vulnerabilities {CVE-2007-2865 CVE-2007-5728 CVE-2008-5587} diff --git a/data/DTSA/list b/data/DTSA/list index 8282bf84d9..8f6c6b4bfc 100644 --- a/data/DTSA/list +++ b/data/DTSA/list @@ -543,5 +543,5 @@ [lenny] - uw-imap 2007b~dfsg-4+lenny3 NOTE: regression fix for DTSA-174-1 + additional patch [January 05th, 2009] DTSA-182-1 xterm - remote code execution - {CVE-2008-2383} + {CVE-2008-2383 CVE-2006-7236} [lenny] - xterm 235-2 -- cgit v1.2.3