[Secure-testing-commits] r12445 - in data: . CVE

Giuseppe Iuculano derevko-guest at alioth.debian.org
Wed Jul 29 12:12:08 UTC 2009 

Author: derevko-guest
Date: 2009-07-29 12:12:07 +0000 (Wed, 29 Jul 2009)
New Revision: 12445

Modified:
   data/CVE/list
   data/ospu-candidates.txt
   data/spu-candidates.txt
Log:
CVE-2009-0801 spu/ospu candidate
NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-07-29 11:54:04 UTC (rev 12444)
+++ data/CVE/list	2009-07-29 12:12:07 UTC (rev 12445)
@@ -1,55 +1,55 @@
 CVE-2009-2619 (SQL injection vulnerability in login.asp in DataCheck Solutions ...)
-	TODO: check
+	NOT-FOR-US: DataCheck Solutions V-SpacePal
 CVE-2009-2618 (SQL injection vulnerability in the Surveys (aka NS-Polls) module in ...)
-	TODO: check
+	NOT-FOR-US: MDPro module
 CVE-2009-2617 (Stack-based buffer overflow in medialib.dll in BaoFeng Storm 3.9.62 ...)
-	TODO: check
+	NOT-FOR-US: BaoFeng Storm
 CVE-2009-2616 (SQL injection vulnerability in z_admin_login.asp in DataCheck ...)
-	TODO: check
+	NOT-FOR-US: DataCheck Solutions
 CVE-2009-2615 (Multiple cross-site scripting (XSS) vulnerabilities in DataCheck ...)
-	TODO: check
+	NOT-FOR-US: DataCheck Solutions
 CVE-2009-2614 (SQL injection vulnerability in z_admin_login.asp in DataCheck ...)
-	TODO: check
+	NOT-FOR-US: DataCheck Solutions
 CVE-2009-2613 (Multiple cross-site scripting (XSS) vulnerabilities in DataCheck ...)
-	TODO: check
+	NOT-FOR-US: DataCheck Solutions
 CVE-2009-2612 (SQL injection vulnerability in login.aspx in ProSMDR allows remote ...)
-	TODO: check
+	NOT-FOR-US: ProSMDR
 CVE-2009-2611 (Directory traversal vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: MyFusion
 CVE-2009-2610 (Cross-site scripting (XSS) vulnerability in the Links Related module ...)
-	TODO: check
+	NOT-FOR-US: Drupal module
 CVE-2009-2609 (SQL injection vulnerability in the amoCourse (com_amocourse) component ...)
-	TODO: check
+	NOT-FOR-US: Joomla! module
 CVE-2009-2608 (Multiple SQL injection vulnerabilities in PHP Address Book 4.0.x allow ...)
-	TODO: check
+	NOT-FOR-US: PHP Address Book
 CVE-2009-2607 (SQL injection vulnerability in the com_pinboard component for Joomla! ...)
-	TODO: check
+	NOT-FOR-US: Joomla! component
 CVE-2009-2606 (ASP Football Pool 2.3 stores sensitive information under the web root ...)
-	TODO: check
+	NOT-FOR-US: ASP Football Pool
 CVE-2009-2605 (Multiple SQL injection vulnerabilities in adminquery.php in Traidnt Up ...)
-	TODO: check
+	NOT-FOR-US: Traidnt up
 CVE-2009-2604 (Multiple SQL injection vulnerabilities in adminlogin.asp in Zen Help ...)
-	TODO: check
+	NOT-FOR-US: Zen Help Desk
 CVE-2009-2603 (Multiple SQL injection vulnerabilities in index.php in Escon ...)
-	TODO: check
+	NOT-FOR-US: Escon SupportPortal Pro
 CVE-2009-2602 (R2 Newsletter Lite, Pro, and Stats stores sensitive information under ...)
-	TODO: check
+	NOT-FOR-US: R2 Newsletter Store
 CVE-2009-2601 (SQL injection vulnerability in the Joomlaequipment (aka JUser or ...)
-	TODO: check
+	NOT-FOR-US: Joomla! component
 CVE-2009-2600 (Multiple directory traversal vulnerabilities in view.php in Webboard ...)
-	TODO: check
+	NOT-FOR-US: Webboard
 CVE-2009-2599 (SQL injection vulnerability in index.php in RadCLASSIFIEDS Gold 2.0 ...)
-	TODO: check
+	NOT-FOR-US: RadCLASSIFIEDS
 CVE-2009-2598 (Multiple SQL injection vulnerabilities in Online Grades & Attendance ...)
-	TODO: check
+	NOT-FOR-US: Online Grades & Attendance
 CVE-2009-2597 (The Sun Java System (SJS) Access Manager Policy Agent module 2.2 for ...)
-	TODO: check
+	NOT-FOR-US: Sun Java System (SJS) Access Manager Policy Agent module 2.2 for SJS Web Proxy Server 
 CVE-2009-2596 (Unspecified vulnerability in the Solaris Auditing subsystem in Sun ...)
-	TODO: check
+	NOT-FOR-US: Solaris Auditing subsystem
 CVE-2008-6878 (** DISPUTED ** Directory traversal vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: Zen Cart
 CVE-2008-6877 (** DISPUTED ** ...)
-	TODO: check
+	NOT-FOR-US: Zen Cart
 CVE-2009-2622 [squid3 DoS because of missing bounds checks]
 	{DSA-1843-1}
 	- squid3 <unfixed> (medium; bug #538989)

Modified: data/ospu-candidates.txt
===================================================================
--- data/ospu-candidates.txt	2009-07-29 11:54:04 UTC (rev 12444)
+++ data/ospu-candidates.txt	2009-07-29 12:12:07 UTC (rev 12445)
@@ -601,6 +601,16 @@
 
 --
 
+squid (CVE-2009-0801)
+#521053
+
+--
+
+squid3 (CVE-2009-0801)
+#521052
+
+--
+
 ssmtp (CVE-2008-3962)
 #498366
 notified maintainer

Modified: data/spu-candidates.txt
===================================================================
--- data/spu-candidates.txt	2009-07-29 11:54:04 UTC (rev 12444)
+++ data/spu-candidates.txt	2009-07-29 12:12:07 UTC (rev 12445)
@@ -110,6 +110,16 @@
 
 --
 
+squid (CVE-2009-0801)
+#521053
+
+--
+
+squid3 (CVE-2009-0801)
+#521052
+
+--
+
 stardict (CVE-2009-2260)
 #534731
 notified maintainer

More information about the Secure-testing-commits mailing list