[Secure-testing-commits] r13556 - data/CVE
Florian Weimer
fw at alioth.debian.org
Tue Dec 15 14:38:18 UTC 2009
Author: fw
Date: 2009-12-15 14:38:18 +0000 (Tue, 15 Dec 2009)
New Revision: 13556
Modified:
data/CVE/list
Log:
CVE-2009-4136, CVE-2009-4034: postgresql-*
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-12-15 13:10:28 UTC (rev 13555)
+++ data/CVE/list 2009-12-15 14:38:18 UTC (rev 13556)
@@ -436,8 +436,13 @@
- linux-2.6.24 <removed> (medium)
CVE-2009-4137
RESERVED
-CVE-2009-4136
+CVE-2009-4136 [Privilege escalation through index functions]
RESERVED
+ - postgresql-7.4 <removed>
+ - postgresql-8.1 <removed>
+ - postgresql-8.2 <removed>
+ - postgresql-8.3 8.3.9-1 (low)
+ - postgresql-8.4 8.4.2-1 (low)
CVE-2009-4135 (The distcheck rule in dist-check.mk in GNU coreutils 5.2.1 through 8.1 ...)
- coreutils <not-affected> (this issue only affects the coreutils build process; bug #560898)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=545439
@@ -682,8 +687,13 @@
RESERVED
CVE-2009-4035
RESERVED
-CVE-2009-4034
+CVE-2009-4034 [X.509 certificate spoofing using NUL characters]
RESERVED
+ - postgresql-7.4 <removed>
+ - postgresql-8.1 <removed>
+ - postgresql-8.2 <removed>
+ - postgresql-8.3 8.3.9-1 (low)
+ - postgresql-8.4 8.4.2-1 (low)
CVE-2009-4033 (A certain Red Hat patch for acpid 1.0.4 effectively triggers a call to ...)
- acpid <not-affected> (problem in redhat-specific patch; debian uses sensible permissions 0664)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=515062
More information about the Secure-testing-commits
mailing list