[Secure-testing-commits] r8806 - data/CVE

[nion at alioth.debian.org]

Author: nion
Date: 2008-05-14 14:34:24 +0000 (Wed, 14 May 2008)
New Revision: 8806

Modified:
   data/CVE/list
Log:
NFUs
CVE-2008-2004 fixed in qemu 0.9.1-5, kvm unfixed, check xen


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-05-14 13:40:46 UTC (rev 8805)
+++ data/CVE/list	2008-05-14 14:34:24 UTC (rev 8806)
@@ -83,7 +83,7 @@
 CVE-2008-2121 (The TCP implementation in Sun Solaris 8, 9, and 10 allows remote ...)
 	NOT-FOR-US: Sun Solaris
 CVE-2008-2120 (Unspecified vulnerability in Sun Java System Application Server 7 ...)
-	TODO: check
+	NOT-FOR-US: Sun Java System Application Server
 CVE-2008-2119
 	RESERVED
 CVE-2008-2118 (SQL injection vulnerability in info.php in Project Alumni 1.0.9 allows ...)
@@ -199,9 +199,9 @@
 CVE-2008-2072 (Cross-site scripting (XSS) vulnerability in index.php in Virtual ...)
 	NOT-FOR-US: vlbook
 CVE-2008-2071 (Multiple cross-site request forgery (CSRF) vulnerabilities in the WHM ...)
-	TODO: check
+	NOT-FOR-US: cPanel
 CVE-2008-2070 (The WHM interface 11.15.0 for cPanel 11.18 before 11.18.4 and 11.22 ...)
-	TODO: check
+	NOT-FOR-US: cPanel
 CVE-2008-2069 (Buffer overflow in Novell GroupWise 7 allows remote attackers to cause ...)
 	NOT-FOR-US: Novell GroupWise
 CVE-2008-2068 (Cross-site scripting (XSS) vulnerability in WordPress 2.5 allows ...)
@@ -338,7 +338,10 @@
 CVE-2008-2005 (The SuiteLink Service (aka slssvc.exe) in WonderWare SuiteLink before ...)
 	NOT-FOR-US: SuiteLink
 CVE-2008-2004 (The drive_init function in QEMU 0.9.1 determines the format of a raw ...)
-	TODO: check
+	- qemu 0.9.1-5
+	- kvm <unfixed> (bug #481204)
+	TODO: check xen-unstable and xen-2
+	- xen-3.0 <removed>
 CVE-2008-2003 (BadBlue 2.72 Personal Edition stores multiple programs in the web ...)
 	NOT-FOR-US: BadBlue
 CVE-2008-2002 (Multiple cross-site request forgery (CSRF) vulnerabilities on Motorola ...)