1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
|
[August 26th, 2005] DTSA-1-1 kismet - various
{CVE-2005-2626 CVE-2005-2627 }
[etch] - kismet 2005.08.R1-0.1etch1 (high)
[August 28th, 2005] DTSA-2-1 centericq - multiple vulnerabilities
{CVE-2005-2448 CVE-2005-2370 CVE-2005-2369 CVE-2005-1914 }
[etch] - centericq 4.20.0-8etch1 (medium)
[August 28th, 2005] DTSA-3-1 clamav - denial of service and privilege escalation
{CVE-2005-2070 CVE-2005-1923 CVE-2005-2056 CVE-2005-1922 CVE-2005-2450 }
[etch] - clamav 0.86.2-4etch1 (high)
[August 28th, 2005] DTSA-4-1 ekg - multiple vulnerabilities
{CVE-2005-1916 CVE-2005-1851 CVE-2005-1850 CVE-2005-1852 CVE-2005-2448 }
[etch] - ekg 1:1.5+20050808+1.6rc3-0etch1 (high)
[August 28th, 2005] DTSA-5-1 gaim - multiple remote vulnerabilities
{CVE-2005-2102 CVE-2005-2370 CVE-2005-2103 }
[etch] - gaim 1:1.4.0-5etch2 (high)
[August 28th, 2005] DTSA-6-1 cgiwrap - multiple vulnerabilities
{CVE-2005-3254 CVE-2005-3255}
[etch] - cgiwrap 3.9-3.0etch1 (medium)
[August 28th, 2005] DTSA-7-1 mozilla - frame injection spoofing
{CVE-2004-0718 CVE-2005-1937 }
[etch] - mozilla 2:1.7.8-1sarge1 (medium)
[September 1st, 2005] DTSA-8-2 mozilla-firefox - several vulnerabilities (update)
{CVE-2004-0718 CVE-2005-1937 CVE-2005-2260 CVE-2005-2261 CVE-2005-2262 CVE-2005-2263 CVE-2005-2264 CVE-2005-2265 CVE-2005-2266 CVE-2005-2267 CVE-2005-2268 CVE-2005-2269 CVE-2005-2270 }
[etch] - mozilla-firefox 1.0.4-2sarge3 (medium)
[August 31st, 2005] DTSA-9-1 bluez-utils - bad device name escaping
{CVE-2005-2547 }
[etch] - bluez-utils 2.19-0.1etch1 (high)
[August 29th, 2005] DTSA-10-1 pcre3 - buffer overflow
{CVE-2005-2491 }
[etch] - pcre3 6.3-0.1etch1 (high)
[August 29th, 2005] DTSA-11-1 maildrop - local privilege escalation
{CVE-2005-2655 }
[etch] - maildrop 1.5.3-1.1etch1 (medium)
[September 8th, 2005] DTSA-12-1 vim - modeline exploits
{CVE-2005-2368 }
[etch] - vim 1:6.3-085+0.0etch1 (medium)
[September 8th, 2005] DTSA-13-1 evolution - format string vulnerabilities
{CVE-2005-2549 CVE-2005-2550 }
[etch] - evolution 2.2.3-2etch1 (high)
[September 13th, 2005] DTSA-14-1 mozilla - several
{CVE-2004-0718 CVE-2005-1937 CVE-2005-2260 CVE-2005-2261 CVE-2005-2263 CVE-2005-2265 CVE-2005-2266 CVE-2005-2268 CVE-2005-2269 CVE-2005-2270 }
[etch] - mozilla 2:1.7.8-1sarge2
[September 13th, 2005] DTSA-15-1 php4 - several vulnerabilities
{CVE-2005-1751 CVE-2005-1921 CVE-2005-2498 }
[etch] - php4 4:4.3.10-16etch1
[September 15th, 2005] DTSA-16-1 linux-2.6 - various
{CVE-2005-2098 CVE-2005-2099 CVE-2005-2456 CVE-2005-2617 CVE-2005-1913 CVE-2005-1761 CVE-2005-2457 CVE-2005-2458 CVE-2005-2459 CVE-2005-2548 CVE-2004-2302 CVE-2005-1765 CVE-2005-1762 CVE-2005-2555 }
NOTE: Just a pointer to a regular update in testing.
[September 15th, 2005] DTSA-17-1 lm-sensors - insecure temporary file
{CVE-2005-2672 }
[etch] - lm-sensors 1:2.9.1-6etch1
[September 22nd, 2005] DTSA-19-1 clamav - buffer overflow and infinate loop problems
{CVE-2005-2919 CVE-2005-2920 }
[etch] - clamav 0.86.2-4etch2
[October 13th, 2005] DTSA-20-1 mailutils - Format string vulnerability
{CVE-2005-2878 }
[etch] - mailutils 1:0.6.90-2.1etch1
[November 3rd, 2005] DTSA-21-1 clamav - Denial of service vulnerabilities and buffer overflow
{CVE-2005-3239 CVE-2005-3500 CVE-2005-3501 CVE-2005-3303 }
[etch] - clamav 0.87.1-0etch.1
[December 5th, 2005] DTSA-22-1 uim - local privilege escalation
{CVE-2005-3149 }
[etch] - uim 1:0.4.7-2.0etch1
[December 5th, 2005] DTSA-23-1 centericq - buffer overflow
{CVE-2005-3863 }
[etch] - centericq 4.21.0-6.0etch1
[December 5th, 2005] DTSA-24-1 inkscape - buffer overflow
{CVE-2005-3737 }
[etch] - inkscape 0.43-0.0etch1
[December 5th, 2005] DTSA-25-1 smb4k - access validation error
{CVE-2005-2851 }
[etch] - smb4k 0.6.4-0.0etch1
[December 5th, 2005] DTSA-26-1 trackballs - symlink attack
[etch] - trackballs 1.1.1-0.0etch1
[January 20th, 2006] DTSA-27-1 fuse - potential data corruption when installed seduid root
{CVE-2005-3531 }
[etch] - fuse 2.3.0-4.2etch1
[January 25th, 2005] DTSA-28-1 gpdf - multiple vulnerabilities
{CVE-2005-2097 CVE-2005-3193 CVE-2005-3624 CVE-2005-3625 CVE-2005-3626 CVE-2005-3627 CVE-2005-3628 }
[etch] - gpdf 2.10.0-1+etch1
[June 15th, 2006] DTSA-29-1 blender - heap-based buffer overflow
{CVE-2005-4470 }
[etch] - blender 2.37a-1.1etch1
[September 27th, 2006] DTSA-31-1 hyperestraier - cross-site request forgery (CSRF) vulnerability
{CVE-2006-3671 }
[etch] - hyperestraier 1.0.6-1.1etch1
[February 1st, 2007] DTSA-32-1 bcfg2 - programming error
[etch] - bcfg2 0.8.6.1-1.1etch1
[February 12th, 2007] DTSA-33-1 wordpress - multiple vulnerabilities
{CVE-2007-0262 CVE-2007-0539 CVE-2007-0541 }
[etch] - wordpress 2.0.8-1
[March 3rd, 2007] DTSA-34-1 wordpress - cross-site scripting
{CVE-2007-1049 }
[etch] - wordpress 2.0.9-1
[April 30th, 2007] DTSA-35-1 aircrack-ng - programming error
{CVE-2007-2057 }
[lenny] - aircrack-ng 1:0.8-0.1lenny1
TODO: unreleased
|
