[Secure-testing-commits] r13567 - data/CVE

Joey Hess joeyh at alioth.debian.org
Wed Dec 16 09:14:47 UTC 2009 

Author: joeyh
Date: 2009-12-16 09:14:37 +0000 (Wed, 16 Dec 2009)
New Revision: 13567

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-12-16 07:05:53 UTC (rev 13566)
+++ data/CVE/list	2009-12-16 09:14:37 UTC (rev 13567)
@@ -68,7 +68,7 @@
 	RESERVED
 CVE-2010-0001
 	RESERVED
-CVE-2009-4324 (Unspecified vulnerability in Adobe Reader and Acrobat 9.2 and earlier ...)
+CVE-2009-4324 (Use-after-free vulnerability in Doc.media.newPlayer in Adobe Reader ...)
 	TODO: check
 CVE-2009-4323 (The installation for Zen Cart stores sensitive information and ...)
 	NOT-FOR-US: Zen Cart
@@ -529,8 +529,7 @@
 	- linux-2.6.24 <removed> (medium)
 CVE-2009-4137
 	RESERVED
-CVE-2009-4136 [Privilege escalation through index functions]
-	RESERVED
+CVE-2009-4136 (PostgreSQL 7.4.x before 7.4.27, 8.0.x before 8.0.23, 8.1.x before ...)
 	- postgresql-7.4 <removed>
 	- postgresql-8.1 <removed>
 	- postgresql-8.2 <removed>
@@ -781,8 +780,7 @@
 	RESERVED
 CVE-2009-4035
 	RESERVED
-CVE-2009-4034 [X.509 certificate spoofing using NUL characters]
-	RESERVED
+CVE-2009-4034 (PostgreSQL 7.4.x before 7.4.27, 8.0.x before 8.0.23, 8.1.x before ...)
 	- postgresql-7.4 <removed>
 	- postgresql-8.1 <removed>
 	- postgresql-8.2 <removed>
@@ -2276,8 +2274,8 @@
 CVE-2009-3555 (The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as ...)
 	{DSA-1934-1}
 	NOTE: See separate CVE-2009-3555 file in SVN
-CVE-2009-3554
-	RESERVED
+CVE-2009-3554 (Twiddle in Red Hat JBoss Enterprise Application Platform (aka JBoss ...)
+	TODO: check
 CVE-2009-3553 (Use-after-free vulnerability in the abstract file-descriptor handling ...)
 	- cups 1.4.2-4 (low; bug #557740)
 	- cupsys <not-affected> (vulnerable code introduced in 1.3.x)
@@ -6200,8 +6198,8 @@
 	- linux-2.6 2.6.30-5 (medium)
 	[etch] - linux-2.6 <not-affected> (ecryptfs not yet present)
 	- linux-2.6.24 <removed>
-CVE-2009-2405
-	RESERVED
+CVE-2009-2405 (Multiple cross-site scripting (XSS) vulnerabilities in the Web Console ...)
+	TODO: check
 CVE-2009-2404 (Heap-based buffer overflow in a regular-expression parser in Mozilla ...)
 	{DSA-1874-1}
 	- nss 3.12.3-1 (low; bug #539934) 
@@ -8985,8 +8983,8 @@
 CVE-2009-1381 (The map_yp_alias function in functions/imap_general.php in ...)
 	{DSA-1802-2}
 	- squirrelmail 2:1.4.19-1
-CVE-2009-1380
-	RESERVED
+CVE-2009-1380 (Cross-site scripting (XSS) vulnerability in JMX-Console in JBossAs in ...)
+	TODO: check
 CVE-2009-1379 (Use-after-free vulnerability in the dtls1_retrieve_buffered_fragment ...)
 	- openssl 0.9.8k-1 (low; bug #530400)
 	[lenny] - openssl 0.9.8g-15+lenny3

More information about the Secure-testing-commits mailing list