spring cleanup:

syslog-ng not-affected
removed gjay, a bug, not a security problem
removed bogus python issue
libpam-opie unimportant
mutt unimportant
vipw not exploitable
no-dsa for several minor issues
kmail issue is an inherent design problem


git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@4616 e39458fd-73e7-0310-bf30-c45bca0a0e42

3 files changed, 24 insertions, 20 deletions

diff --git a/data/CVE/2001.list b/data/CVE/2001.list
index 0b95421b24..b3155bc5e4 100644
--- a/data/CVE/2001.list
+++ b/data/CVE/2001.list
@@ -206,7 +206,9 @@ CVE-2001-1487 (popauth utility in Qualcomm Qpopper 4.0 and earlier allows local
 CVE-2001-1484 (Alcatel ADSL modems allow remote attackers to access the Trivial File ...)
 	NOT-FOR-US: Alcatel hardware issue
 CVE-2001-1483 (One-Time Passwords In Everything (a.k.a OPIE) 2.32 and 2.4 allows ...)
-	- libpam-opie <unfixed> (bug #112279; low)
+	- libpam-opie <unfixed> (bug #112279; unimportant)
+	NOTE: This is documented and not really important. In contrast to passwords
+	NOTE: used by humans 
 	[sarge] - libpam-opie <no-dsa> (Documented shortcoming, minor impact)
 CVE-2001-1482 (SQL injection vulnerability in bb_memberlist.php for phpBB 1.4.2 ...)
 	NOTE: phpbb was initially uploaded as version 2 or phpbb has been removed now
diff --git a/data/CVE/2005.list b/data/CVE/2005.list
index 3808e1418d..976daf8109 100644
--- a/data/CVE/2005.list
+++ b/data/CVE/2005.list
@@ -3940,7 +3940,7 @@ CVE-2005-XXXX [coreutils ignores umask when using -m in mkdir, mkfifo and mknod]
 	[sarge] - coreutils <no-dsa> (Minor issue, hardly exploitable)
 	[woody] - coreutils <no-dsa> (Minor issue, hardly exploitable)
 CVE-2005-XXXX [tar's rmt command may have undesired side effects]
-	- tar <unfixed> (bug #290435; low)
+	- tar <unfixed> (bug #290435; unimportant)
 	[sarge] - tar <no-dsa> (Hardly exploitable)
 CVE-2005-XXXX [smbmount doesn't honor gid/uid with kernel 2.4]
 	- kernel-source-2.4.27 <unfixed> (bug #310982; low)
@@ -5561,10 +5561,11 @@ CVE-2005-XXXX [clamav-getfile: Insecure use of temporary files]
 CVE-2005-3254 (The CGIwrap program before 3.9 on Debian GNU/Linux uses an incorrect ...)
 	{DTSA-6-1}
 	- cgiwrap 3.9-3.1 (bug #316881; low)
-	NOTE: Sarge and Woody affected
+	[sarge] - cgiwrap <no-dsa> (Minor impact)
 CVE-2005-3255 (The (1) cgiwrap and (2) php-cgiwrap packages before 3.9 in Debian ...)
 	{DTSA-6-1}
 	- cgiwrap 3.9-3.1 (bug #316901; low)
+	[sarge] - cgiwrap <no-dsa> (Minor information disclosure, only debugging libs)
 CVE-2005-2550 (Format string vulnerability in Evolution 1.4 through 2.3.6.1 allows ...)
 	{DSA-1016-1 DTSA-13-1}
 	- evolution 2.2.3-3 (high; bug #322535)
@@ -5985,8 +5986,10 @@ CVE-2005-XXXX [Integer overflow in ffmpeg's MPEG encoding]
 	- ffmpeg 0.cvs20050811-1 (bug #320150; medium)
 CVE-2005-XXXX [xgalaga score file segfault]
 	- xgalaga 2.0.34-31 (bug #319686; low)
+	[sarge] - xgalaga <no-dsa> (Minor issue)
 CVE-2005-XXXX [xemeraldia games file overwrite]
 	- xemeraldia 0.4-1 (bug #319661; low)
+	[sarge] -xemeraldia <no-dsa> (Very minor issue)
 CVE-2005-2335 (Buffer overflow in the POP3 client in Fetchmail before 6.2.5.2 allows ...)
 	{DSA-774-1}
 	NOTE: previous fix in -15 was broken
@@ -6464,6 +6467,7 @@ CVE-2005-2096 (zlib 1.2 and later versions allows remote attackers to cause a de
 	NOTE: see dannf's first bug comment; systemimager-ssh doesn't use compression
 	[woody] - texmacs <not-affected> (Woody contains zlib 1.1, which is not affected)
 	- texmacs 1:1.0.5-3 (bug #318100; medium)
+	[sarge] - texmacs <no-dsa> (Hardly exploitable)
 	- zlib 1:1.2.2-7 (bug #317133; medium)
 	- pvpgn 1.7.8-2 (bug #332236; unknown)
 	- mysql-dfsg-4.1 (bug #319858; unimportant)
@@ -7257,8 +7261,9 @@ CVE-2005-XXXX [Unspecified issue in moodle's admin/delete.php]
 	- moodle 1.4.4.dfsg.1-3
 CVE-2005-2351 [Minor DoS condition in mutt due to preditable tempfiles]
 	RESERVED
-	- mutt <unfixed> (bug #311296; low)
+	- mutt <unfixed> (bug #311296; unimportant)
 	[sarge] - mutt <no-dsa> (Minor annoyance, not a real DoS)
+	NOTE: An "attacker" could achieve the same by simply filling up /tmp
 CVE-2005-XXXX [gforge arbitrary code execution through viewFile.php]
 	NOTE: viewFile.php has been removed along with other files in -26, so Debian is
 	NOTE: no longer affected.
@@ -8151,8 +8156,6 @@ CVE-2005-XXXX [Insecure mailbox generation in passwd's useradd]
 	- shadow 4.0.8
 	[sarge] - shadow <not-affected> (was introduced after version 4.0.3)
 	[woody] - shadow <not-affected> (was introduced after version 4.0.3)
-CVE-2005-XXXX [Insecure tempfile generation in shadow's vipw] 
-	- shadow 1:4.0.3-33
 CVE-2005-1364 (Multiple SQL injection vulnerabilities in MetaBid Auctions allow ...)
 	NOT-FOR-US: MetaBid Auctions
 CVE-2005-1363 (Multiple SQL injection vulnerabilities in MetaCart 2.0 for PayFlow ...)
@@ -10309,15 +10312,12 @@ CVE-2005-0406 (A design flaw in image processing software that modifies JPEG ima
 CVE-2005-0405
 	RESERVED
 CVE-2005-0404 (KMail 1.7.1 in KDE 3.3.2 allows remote attackers to spoof email ...)
-	NOTE: see http://mail.kde.org/pipermail/kmail-devel/2005-February/015490.html
 	NOTE: see http://bugs.kde.org/show_bug.cgi?id=96020
-	NOTE: see http://www.securiteam.com/unixfocus/5GP0B0AFFE.html
-	NOTE: see http://secunia.com/advisories/14925
-	NOTE: kde maintainers informed of it by security team
-	- kdepim <unfixed> (bug #305601; low)
+	- kdepim 3.4-1 (bug #305601; low)
 	[sarge] - kdepim <no-dsa> (Hardly exploitable)
-	NOTE: On woody, kmail is part of kdenetwork, but there is no GnuPG
-	NOTE: support, so this issue is not very important.
+	NOTE: According to the KDE bug the URL bar in 3.4 cannot be manipulated. Kmail also
+	NOTE: warns that HTML mails introduce the risk of phishing. This could as well
+	NOTE: be unimportant
 CVE-2005-0403 (init_dev in tty_io.c in the Red Hat backport of NPTL to Red Hat ...)
 	- glibc <not-affected> (Specific to the NPTL backport for RHEL 3)
 CVE-2005-0402 (Firefox before 1.0.2 allows remote attackers to execute arbitrary code ...)
diff --git a/data/CVE/2006.list b/data/CVE/2006.list
index f11f68e54e..2474e98fd2 100644
--- a/data/CVE/2006.list
+++ b/data/CVE/2006.list
@@ -931,7 +931,8 @@ CVE-2006-3839
 CVE-2006-3838 (Multiple stack-based buffer overflows in eIQnetworks Enterprise ...)
 	NOT-FOR-US: eIQnetworks Enterprise
 CVE-2006-XXXX [syslog-ng dos]
-	- syslog-ng 2.0rc1-2
+	- syslog-ng 2.0rc1-2 (low)
+	[sarge] - syslog-ng <not-affected> (Vulnerable code not present)
 CVE-2006-XXXX [courier-authdaemon: wrong socket permissions may lead to password disclosure]
 	- courier-authlib 0.58-3.1 (bug #378571; medium)
 	[sarge] - courier-authlib <not-affected> (bug #378571; medium)
@@ -939,8 +940,6 @@ CVE-2006-4046 (Multiple stack-based buffer overflows in Open Cubic Player 2.6.0p
 	- ocp 0.1.10rc6-1 (medium; bug #381098)
 CVE-2006-XXXX [uqwk buffer overflow]
 	- uqwk 2.21-13 (bug #376577; medium)
-CVE-2006-XXXX [gjay buffer overrun]
-	- gjay 0.2.8.3-5 (bug #361056)
 CVE-2006-XXXX [Webalizer buffer overflows]
 	- webalizer <unfixed> (unknown)
 	NOTE: 11_various_buffer_overflows should be reviewed for exploitability
@@ -3376,6 +3375,7 @@ CVE-2006-2770 (Directory traversal vulnerability in randompic.php in pppBLOG 0.3
 	NOT-FOR-US: pppBLOG
 CVE-2006-2769 (The HTTP Inspect preprocessor (http_inspect) in Snort 2.4.0 through ...)
 	- snort 2.3.3-8 (low; bug #381726)
+	[sarge] - snort <no-dsa> (Minor impact)
 CVE-2006-2768 (PHP remote file inclusion vulnerability in METAjour 2.1, when ...)
 	NOT-FOR-US: METAjour
 CVE-2006-2767 (PHP remote file inclusion vulnerability in Ottoman 1.1.2, when ...)
@@ -6186,14 +6186,15 @@ CVE-2006-1544 (Multiple cross-site scripting (XSS) vulnerabilities in news.php i
 CVE-2006-1543 (Multiple SQL injection vulnerabilities in vscripts (aka Kuba ...)
 	NOT-FOR-US: VNews 
 CVE-2006-1542 (Stack-based buffer overflow in Python 2.4.2 and earlier, running on ...)
-	- python2.3 <unfixed>
-	- python2.4 <unfixed>
+	NOT-FOR-US: Bogus issue, this doesn't trigger any local overflow
+	NOTE: Should be rejected
 CVE-2006-1541 (SQL injection vulnerability in Default.asp in EzASPSite 2.0 RC3 and ...)
 	NOT-FOR-US: EzASPSite
 CVE-2006-1540 (MSO.DLL in Microsoft Office 2000, Office XP (2002), and Office 2003 ...)
 	NOT-FOR-US: Microsoft
 CVE-2006-1539 (Multiple buffer overflows in the checkscores function in scores.c in ...)
 	- bsdgames 2.17-6 (bug #361160)
+	[sarge] - bsdgames <no-dsa> (Minor impact)
 CVE-2006-1538 (The Enova X-Wall ASIC encrypts with a key obtained via Microwire from ...)
 	NOT-FOR-US: Enova X-Wall ASIC
 CVE-2006-1537 (Craig Knudsen WebCalendar 1.1.0-CVS allows remote attackers to obtain ...)
@@ -7062,6 +7063,7 @@ CVE-2006-1151 (Cross-site scripting vulnerability in index.php in M-Phorum 0.2 a
 	NOT-FOR-US: M-Phorum
 CVE-2006-1150 (Buffer overflow in Tenes Empanadas Graciela (TEG) 0.11.1, ...)
 	- teg 0.11.1-3 (bug #357645; low)
+	[sarge] - teg <no-dsa> (Only DoS against exotic, mostly single player game)
 CVE-2006-1149 (PHP remote file inclusion vulnerability in lib/OWL_API.php in OWL ...)
 	NOT-FOR-US: OWL Intranet Engine 
 CVE-2006-1148 (Multiple stack-based buffer overflows in the procConnectArgs function ...)
@@ -8218,8 +8220,8 @@ CVE-2006-0637 (Buffer overflow in cram.dll in QUALCOMM Eudora WorldMail 3.0 allo
 CVE-2006-0636 (desktop.php in eyeOS 0.8.9 and earlier tests for the existence of the ...)
 	NOT-FOR-US: eyeOS
 CVE-2006-0635 (Tiny C Compiler (TCC) 0.9.23 (aka TinyCC) evaluates the ...)
-	- tcc <unfixed> (bug #352202; medium)
-	NOTE: Sarge status not yet analysed
+	- tcc <unfixed> (bug #352202; low)
+	[sarge] - tcc <no-dsa> (Only incorrect code gen, hardly any production use)
 CVE-2006-0634 (Borland C++Builder 6 (BCB6) with Update Pack 4 Enterprise edition ...)
 	NOT-FOR-US: Borland C++Builder
 CVE-2006-0633 (The make_password function in ipsclass.php in Invision Power Board ...)