[Secure-testing-commits] r12442 - data/CVE

Joey Hess joeyh at alioth.debian.org
Wed Jul 29 09:14:43 UTC 2009


Author: joeyh
Date: 2009-07-29 09:14:38 +0000 (Wed, 29 Jul 2009)
New Revision: 12442

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-07-29 07:23:57 UTC (rev 12441)
+++ data/CVE/list	2009-07-29 09:14:38 UTC (rev 12442)
@@ -556,10 +556,12 @@
 	RESERVED
 CVE-2009-2407 [linux-2.6: ecryptfs issue]
 	RESERVED
+	{DSA-1845-1 DSA-1844-1}
 	- linux-2.6 <unfixed> (medium)
 	- linux-2.6.24 <removed>
 CVE-2009-2406 [linux-2.6: ecryptfs issue]
 	RESERVED
+	{DSA-1845-1 DSA-1844-1}
 	- linux-2.6 <unfixed> (medium)
 	- linux-2.6.24 <removed>
 CVE-2009-2405
@@ -849,6 +851,7 @@
 CVE-2009-2289 (Cross-site scripting (XSS) vulnerability in index.php in Arcade Trade ...)
 	NOT-FOR-US: Arcade Trade Script
 CVE-2009-2287 (The kvm_arch_vcpu_ioctl_set_sregs function in the KVM in Linux kernel ...)
+	{DSA-1846-1 DSA-1845-1}
 	- linux-2.6 2.6.30-2 (low)
 	- linux-2.6.24 <removed>
 CVE-2009-2285 (Buffer underflow in the LZWDecodeCompat function in libtiff 3.8.2 ...)
@@ -1683,6 +1686,7 @@
 	NOTE: These issues can be fixed in more recent upstream versions, but the risk
 	NOTE: of regression doesn't outweigh the issue at hand
 CVE-2009-1961 (The inode double locking code in fs/ocfs2/file.c in the Linux kernel ...)
+	{DSA-1844-1}
 	- linux-2.6 2.6.30-1 (low)
 	[etch] - linux-2.6 <not-affected> (Affected code was introduced in 2.6.19)
 	[lenny] - linux-2.6 2.6.26-16
@@ -1793,6 +1797,7 @@
 CVE-2009-1915 (Stack-based buffer overflow in the URL Search Hook (ICQToolBar.dll) in ...)
 	NOT-FOR-US: ICQ
 CVE-2009-1914 (The pci_register_iommu_region function in ...)
+	{DSA-1844-1}
 	- linux-2.6 2.6.29-1 (low; bug #532722)
 	[lenny] - linux-2.6 2.6.26-16
 	[squeeze] - linux-2.6 2.6.26-16
@@ -1855,6 +1860,7 @@
 CVE-2009-1896
 	RESERVED
 CVE-2009-1895 (The personality subsystem in the Linux kernel before 2.6.31-rc3 has a ...)
+	{DSA-1845-1 DSA-1844-1}
 	- linux-2.6 2.6.30-3 (low)
 	[etch] - linux-2.6 <not-affected> (mmap_min_addr first indroduced in 2.6.23)
 	- linux-2.6.24 <removed>
@@ -2567,7 +2573,7 @@
 CVE-2009-1634 (The WebAccess component in Novell GroupWise 7.x before 7.03 HP3 and ...)
 	NOT-FOR-US: Novell GroupWise
 CVE-2009-1633 (Multiple buffer overflows in the cifs subsystem in the Linux kernel ...)
-	{DSA-1809-1}
+	{DSA-1844-1 DSA-1809-1}
 	- linux-2.6 2.6.30-1 
 	[squeeze] - linux-2.6 2.6.26-17
 	- linux-2.6.24 <removed>
@@ -2580,7 +2586,7 @@
 	NOTE: This is minor, but since other Evolution issues need to be fixed anyway
 	NOTE: it can be fixed along
 CVE-2009-1630 (The nfs_permission function in fs/nfs/dir.c in the NFS client ...)
-	{DSA-1809-1}
+	{DSA-1844-1 DSA-1809-1}
 	- linux-2.6 2.6.30-1 
 	[squeeze] - linux-2.6 2.6.26-17
 	- linux-2.6.24 <removed>
@@ -3274,6 +3280,7 @@
 	[etch] - mutt <not-affected> (Affected code was introduced in 1.5.19)
 	[squeeze] - mutt <not-affected> (Affected code was introduced in 1.5.19)
 CVE-2009-1389 (Buffer overflow in the RTL8169 NIC driver (drivers/net/r8169.c) in the ...)
+	{DSA-1844-1}
 	- linux-2.6 2.6.26-16 (high; bug #532376)
 	- linux-2.6.24 <removed>
 	NOTE: potential for kernel memory corruption by remote attacker
@@ -3290,6 +3297,7 @@
 	- openssl 0.9.8k-1 (low; bug #532037)
 	- openssl097 <not-affected> (DTLS support was introduced in 0.9.8)
 CVE-2009-1385 (Integer underflow in the e1000_clean_rx_irq function in ...)
+	{DSA-1844-1}
 	- linux-2.6 2.6.26-16 (low; bug #532721)
 	- linux-2.6.24 <removed>
 CVE-2009-1384 (pam_krb5 2.2.14 through 2.3.4, as used in Red Hat Enterprise Linux ...)
@@ -6106,6 +6114,7 @@
 	RESERVED
 CVE-2009-0696 [bind DoS with dynamic updates]
 	RESERVED
+	{DSA-1847-1}
 	- bind9 1:9.6.1.dfsg.P1-1 (bug #538975; high)
 	NOTE: See also http://www.kb.cert.org/vuls/id/725188
 CVE-2009-0695




More information about the Secure-testing-commits mailing list