[Secure-testing-team] Re: [Secure-testing-commits] r3477 - in
data: . CVE DSA
Moritz Muehlenhoff
jmm at inutil.org
Tue Feb 14 11:50:03 UTC 2006
Florian Weimer wrote:
> > remove mydns dupe
>
> > -CVE-2006-XXXX [mydns remote DoS]
> > - - mydns 1.1.0+pre-3 (medium)
> > CVE-2006-0353 (unix_random.c in lshd for lsh 2.0.1 leaks file descriptors related to ...)
> > {DSA-956-1}
> > - lsh-utils 2.0.1cdbs-4 (low; bug #349303)
> > @@ -3718,7 +3716,7 @@
> > - helix-player <unfixed> (unknown)
> > NOTE: http://service.real.com/help/faq/security/security111605.html
> > CVE-2005-XXXX [maradns risk mitigation against AES side channel attacks by Shamir et al.]
> > - - maradns 1.0.35-1
> > + - maradns 1.0.35-1 (unimportant)
>
> Ahem, mydns is not maradns, I think.
That is certainly true, but mydns is already covered here:
CVE-2006-0351 (Unspecified "critical denial-of-service vulnerability" in MyDNS before ...)
{DSA-963-1}
[sarge] - mydns 1.0.0-4sarge1
- mydns 1.1.0+pre-3 (medium; bug #348826)
Cheers,
Moritz
More information about the Secure-testing-team
mailing list