[Secure-testing-commits] r12048 - data/CVE

Giuseppe Iuculano derevko-guest at alioth.debian.org
Thu Jun 4 21:45:05 UTC 2009 

Author: derevko-guest
Date: 2009-06-04 21:45:04 +0000 (Thu, 04 Jun 2009)
New Revision: 12048

Modified:
   data/CVE/list
Log:
NFUs
libapache-mod-security issue already fixed


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-06-04 21:15:02 UTC (rev 12047)
+++ data/CVE/list	2009-06-04 21:45:04 UTC (rev 12048)
@@ -1,25 +1,25 @@
 CVE-2009-1906 (The DRDA Services component in IBM DB2 9.1 before FP7 and 9.5 before ...)
-	TODO: check
+	NOT-FOR-US: IBM DB2
 CVE-2009-1905 (The Common Code Infrastructure component in IBM DB2 8 before FP17, 9.1 ...)
-	TODO: check
+	NOT-FOR-US: IBM DB2
 CVE-2009-1904
 	RESERVED
 CVE-2009-1903 (The PDF XSS protection feature in ModSecurity before 2.5.8 allows ...)
-	TODO: check
+	- libapache-mod-security 2.5.9-1 
 CVE-2009-1902 (The multipart processor in ModSecurity before 2.5.9 allows remote ...)
-	TODO: check
+	- libapache-mod-security 2.5.9-1
 CVE-2009-1901 (The Security component in IBM WebSphere Application Server (WAS) 6.0.2 ...)
-	TODO: check
+	NOT-FOR-US: IBM WebSphere
 CVE-2009-1900 (The Configservice APIs in the Administrative Console component in IBM ...)
-	TODO: check
+	NOT-FOR-US: IBM WebSphere
 CVE-2009-1899 (Unspecified vulnerability in the System Management/Repository ...)
-	TODO: check
+	NOT-FOR-US: IBM WebSphere
 CVE-2009-1898 (The secure login page in the Administrative Console component in IBM ...)
-	TODO: check
+	NOT-FOR-US: IBM WebSphere
 CVE-2008-6821 (Buffer overflow in the DAS server in IBM DB2 8 before FP17, 9.1 before ...)
-	TODO: check
+	NOT-FOR-US: IBM DB2
 CVE-2008-6820 (The db2fmp process in IBM DB2 8 before FP17, 9.1 before FP5, and 9.5 ...)
-	TODO: check
+	NOT-FOR-US: IBM DB2
 CVE-2009-XXXX [dokuwiki local file inclusion]
 	- dokuwiki <unfixed> (unimportant)
 	NOTE: we don't support setups with register_globals enabled
@@ -3025,21 +3025,21 @@
 CVE-2009-0958
 	RESERVED
 CVE-2009-0957 (Heap-based buffer overflow in Apple QuickTime before 7.6.2 allows ...)
-	TODO: check
+	NOT-FOR-US: Apple QuickTime
 CVE-2009-0956 (Apple QuickTime before 7.6.2 does not properly initialize memory ...)
-	TODO: check
+	NOT-FOR-US: Apple QuickTime
 CVE-2009-0955 (Apple QuickTime before 7.6.2 allows remote attackers to execute ...)
-	TODO: check
+	NOT-FOR-US: Apple QuickTime
 CVE-2009-0954 (Heap-based buffer overflow in Apple QuickTime before 7.6.2 on Windows ...)
-	TODO: check
+	NOT-FOR-US: Apple QuickTime
 CVE-2009-0953 (Heap-based buffer overflow in Apple QuickTime before 7.6.2 allows ...)
-	TODO: check
+	NOT-FOR-US: Apple QuickTime
 CVE-2009-0952 (Buffer overflow in Apple QuickTime before 7.6.2 allows remote ...)
-	TODO: check
+	NOT-FOR-US: Apple QuickTime
 CVE-2009-0951 (Heap-based buffer overflow in Apple QuickTime before 7.6.2 allows ...)
-	TODO: check
+	NOT-FOR-US: Apple QuickTime
 CVE-2009-0950 (Stack-based buffer overflow in Apple iTunes before 8.2 allows remote ...)
-	TODO: check
+	NOT-FOR-US: Apple iTunes
 CVE-2009-0949
 	RESERVED
 	{DSA-1811-1}
@@ -3190,19 +3190,19 @@
 CVE-2009-0900
 	RESERVED
 CVE-2009-0899 (IBM WebSphere Application Server (WAS) 6.1 through 6.1.0.24 and 7.0 ...)
-	TODO: check
+	NOT-FOR-US: IBM WebSphere
 CVE-2009-0898
 	RESERVED
 CVE-2009-0897 (IBM WebSphere Partner Gateway (WPG) 6.1.0 before 6.1.0.1 and 6.1.1 ...)
 	NOT-FOR-US: IBM WebSphere
 CVE-2009-0896 (Buffer overflow in the queue manager in IBM WebSphere MQ 6.x before ...)
-	TODO: check
+	NOT-FOR-US: IBM WebSphere
 CVE-2009-0895
 	RESERVED
 CVE-2009-0894 (Heap-based buffer overflow in the decoder_create function in the ...)
-	TODO: check
+	NOT-FOR-US: Xvid
 CVE-2009-0893 (Multiple heap-based buffer overflows in xvidcore/src/decoder.c in the ...)
-	TODO: check
+	NOT-FOR-US: Xvid
 CVE-2009-0892 (The administrative console in IBM WebSphere Application Server (WAS) ...)
 	NOT-FOR-US: IBM WebSphere
 CVE-2009-0891 (The Web Services Security component in IBM WebSphere Application ...)
@@ -6097,14 +6097,14 @@
 CVE-2009-0189
 	RESERVED
 CVE-2009-0188 (Apple QuickTime before 7.6.2 allows remote attackers to execute ...)
-	TODO: check
+	NOT-FOR-US: Apple QuickTime
 CVE-2009-0187 (Stack-based buffer overflow in Orbit Downloader 2.8.2 and 2.8.3, and ...)
 	NOT-FOR-US: Orbit Downloader
 CVE-2009-0186 (Integer overflow in libsndfile 1.0.18, as used in Winamp and other ...)
 	{DSA-1742-1}
 	- libsndfile 1.0.19-1 (medium)
 CVE-2009-0185 (Heap-based buffer overflow in Apple QuickTime before 7.6.2 allows ...)
-	TODO: check
+	NOT-FOR-US: Apple QuickTime
 CVE-2009-0184 (Multiple buffer overflows in the torrent parsing implementation in ...)
 	NOT-FOR-US: Free Download Manager
 CVE-2009-0183 (Stack-based buffer overflow in Remote Control Server in Free Download ...)
@@ -15645,7 +15645,7 @@
 CVE-2008-2155
 	RESERVED
 CVE-2008-2154 (IBM DB2 8 before FP17, 9.1 before FP5, and 9.5 before FP2 provides an ...)
-	TODO: check
+	NOT-FOR-US: IBM DB2
 CVE-2008-2153
 	RESERVED
 CVE-2008-2152 (Integer overflow in the rtl_allocateMemory function in ...)

More information about the Secure-testing-commits mailing list