[Secure-testing-commits] r11913 - data/CVE
Michael Gilbert
gilbert-guest at alioth.debian.org
Sun May 17 22:35:28 UTC 2009
Author: gilbert-guest
Date: 2009-05-17 22:35:28 +0000 (Sun, 17 May 2009)
New Revision: 11913
Modified:
data/CVE/list
Log:
- new drupal and kdebase issues
- tightvnc issue doesn't appear to be windows-specific
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-05-17 09:23:16 UTC (rev 11912)
+++ data/CVE/list 2009-05-17 22:35:28 UTC (rev 11913)
@@ -1,3 +1,10 @@
+CVE-2009-XXXX [drupal: cross-site scripting vulnerability]
+ - drupal5 5.18 (low; bug #529191)
+ - drupal6 6.12 (low; bug #529190)
+CVE-2009-XXXX [kdebase: potential digital certificate deficiencies in konqueror 4]
+ - kdebase <unfixed> (low; bug #526985)
+ [etch] - kdebase <not-affected> (vulnerability introduced in konqueror 4)
+ [lenny] - kdebase <not-affected> (vulnerability introduced in konqueror 4)
CVE-2009-1636
RESERVED
CVE-2009-1635
@@ -4659,7 +4666,8 @@
CVE-2009-0389 (Multiple insecure method vulnerabilities in the Web On Windows (WOW) ...)
NOT-FOR-US: ActiveX
CVE-2009-0388 (Multiple integer signedness errors in (1) UltraVNC 1.0.2 and 1.0.5 and ...)
- - tightvnc <not-affected> (only the windows version is affected)
+ - tightvnc 1.3.10 (low; bug #528204)
+ NOTE: i've looked at the patches and don't see why this would be considered windows-specific
CVE-2009-0387 (Array index error in the qtdemux_parse_samples function in ...)
{DSA-1729-1}
- gst-plugins-good0.10 0.10.8-4.1 (bug #514177)
More information about the Secure-testing-commits
mailing list