[Secure-testing-commits] r13587 - data/CVE

Raphael Geissert geissert at alioth.debian.org
Thu Dec 17 18:39:59 UTC 2009


Author: geissert
Date: 2009-12-17 18:39:59 +0000 (Thu, 17 Dec 2009)
New Revision: 13587

Modified:
   data/CVE/list
Log:
ganeti and horde issues


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-12-17 18:21:53 UTC (rev 13586)
+++ data/CVE/list	2009-12-17 18:39:59 UTC (rev 13587)
@@ -336,8 +336,11 @@
 	[etch] - python-docutils <not-affected> (vulnerable code introduced in 0.5)
 	[lenny] - python-docutils <no-dsa> (Minor issue)
 	NOTE: cve requested
-CVE-2009-4261
+CVE-2009-4261 [command execution]
 	RESERVED
+	- ganeti <unfixed>
+	TODO: check
+	NOTE: http://www.ocert.org/advisories/ocert-2009-019.html
 CVE-2009-4260
 	RESERVED
 CVE-2009-4259
@@ -1865,8 +1868,10 @@
 	RESERVED
 CVE-2009-3702
 	RESERVED
-CVE-2009-3701
+CVE-2009-3701 [horde XSS via PHP_SELF]
 	RESERVED
+	- horde3 <unfixed>
+	TODO: check
 CVE-2009-3700 (Buffer overflow in sgLog.c in squidGuard 1.3 and 1.4 allows remote ...)
 	- squidguard <unfixed> (low; bug #553319)
 CVE-2009-3699 (Stack-based buffer overflow in libcsa.a (aka the calendar daemon ...)




More information about the Secure-testing-commits mailing list