diff options
author | Henri Salo <henri@nerv.fi> | 2015-10-28 06:04:26 +0000 |
---|---|---|
committer | Henri Salo <henri@nerv.fi> | 2015-10-28 06:04:26 +0000 |
commit | 6560be7f3f7f1a379d59dcfda520f90568fc94c3 (patch) | |
tree | 1ef76e1e93e036408077ee6d57ff77c464e40779 /data/CVE/2006.list | |
parent | 220e4dae3fc30c747194a9b65fe89635af51d873 (diff) |
Cleanup double space after dot in notes to improve readability.
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@37391 e39458fd-73e7-0310-bf30-c45bca0a0e42
Diffstat (limited to 'data/CVE/2006.list')
-rw-r--r-- | data/CVE/2006.list | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/data/CVE/2006.list b/data/CVE/2006.list index 1a310d9e64..d99d276b39 100644 --- a/data/CVE/2006.list +++ b/data/CVE/2006.list @@ -1152,7 +1152,7 @@ CVE-2006-6731 (Multiple buffer overflows in Sun Java Development Kit (JDK) and J - sun-java5 1.5.0-08-1 CVE-2006-6730 (OpenBSD and NetBSD permit usermode code to kill the display server and ...) NOTE: Access to DMA-capable hardware such as graphics cards can, - NOTE: by design, bypass security restrictions. Not a real issue. + NOTE: by design, bypass security restrictions. Not a real issue. CVE-2006-6729 (Cross-site scripting (XSS) vulnerability in a-blog 1.51 and earlier ...) NOT-FOR-US: a-blog CVE-2006-6728 (Unspecified vulnerability in the info request mechanism in LAN ...) @@ -10308,7 +10308,7 @@ CVE-2006-2660 (Buffer consumption vulnerability in the tempnam function in PHP 5 - php4 4:4.4.4-1 (unimportant) - php5 5.1.6-1 (unimportant) NOTE: using a long enough path (>MAXPATHLEN) allows you to have - NOTE: tempnam create a file without the temp extension. sounds like + NOTE: tempnam create a file without the temp extension. sounds like NOTE: another shoot yourself in the foot issue, since the local user NOTE: could just as easily create the file manually, and if the NOTE: tempnam function is taking unsanitized input, it's an @@ -11061,8 +11061,8 @@ CVE-2006-2314 (PostgreSQL 8.1.x before 8.1.4, 8.0.x before 8.0.8, 7.4.x before . - pygresql 3.8-1.1 (medium) [sarge] - pygresql <not-affected> (Already includes proper quoting) NOTE: Beginning with version 7.5.4, postgresql is a transition - NOTE: package which does not contain actual code. That's why - NOTE: it's marked as fixed here. (Previous versions are vulnerable.) + NOTE: package which does not contain actual code. That's why + NOTE: it's marked as fixed here. (Previous versions are vulnerable.) NOTE: The following packages needed to adapted to cope with the new system: NOTE: psycopg 1.1.21-5 (bug #369230) NOTE: python-pgsql 2.4.0-8 (bug #369250) @@ -11075,8 +11075,8 @@ CVE-2006-2313 (PostgreSQL 8.1.x before 8.1.4, 8.0.x before 8.0.8, 7.4.x before . - postgresql-7.4 1:7.4.13-1 (high) - postgresql-8.1 8.1.4-1 (high) NOTE: Beginning with version 7.5.4, postgresql is a transition - NOTE: package which does not contain actual code. That's why - NOTE: it's marked as fixed here. (Previous versions are vulnerable.) + NOTE: package which does not contain actual code. That's why + NOTE: it's marked as fixed here. (Previous versions are vulnerable.) CVE-2006-2312 (Argument injection vulnerability in the URI handler in Skype 2.0.*.104 ...) NOT-FOR-US: Skype CVE-2006-2311 (Cross-site scripting (XSS) vulnerability in BlueDragon Server and ...) @@ -11533,7 +11533,7 @@ CVE-2006-2106 (Cross-site scripting (XSS) vulnerability in Edgewall Software Tra [sarge] - trac <unfixed> (medium) NOTE: http://trac.edgewall.org/changeset/3201 NOTE: http://trac.edgewall.org/changeset/3287 - NOTE: the second reference fixes a regression in the first. i *believe* + NOTE: the second reference fixes a regression in the first. i *believe* NOTE: that these correctly solve the problem, though we really ought NOTE: to run this by upstream or the reporter. CVE-2006-2105 (Directory traversal vulnerability in index.php in Jupiter CMS 1.1.4 ...) @@ -15224,7 +15224,7 @@ CVE-2006-0527 (BIND 4 (BIND4) and BIND 8 (BIND8), if used as a target forwarder, - bind 1:8.4.7-1 (low) [sarge] - bind <no-dsa> (Architectual limitatiom, upgrade to BIND 9 as a a fix) NOTE: BIND 8 is unsuitable for forwarder use because of its - NOTE: architecture. Upgrade to BIND 9 as a fix. + NOTE: architecture. Upgrade to BIND 9 as a fix. NOTE: This was fixed in sid by documenting it as an unfixable design limitation CVE-2006-0526 (The default configuration of the America Online (AOL) client software ...) NOT-FOR-US: AOL |