[Secure-testing-commits] r11941 - data/CVE

Joey Hess joeyh at alioth.debian.org
Wed May 20 21:14:12 UTC 2009 

Author: joeyh
Date: 2009-05-20 21:14:12 +0000 (Wed, 20 May 2009)
New Revision: 11941

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-05-20 15:16:19 UTC (rev 11940)
+++ data/CVE/list	2009-05-20 21:14:12 UTC (rev 11941)
@@ -115,6 +115,7 @@
 CVE-2009-1633
 	RESERVED
 CVE-2009-1632 (Multiple memory leaks in Ipsec-tools before 0.7.2 allow remote ...)
+	{DSA-1804-1}
 	- ipsec-tools 0.7.1-1.5 (medium; bug #528933)
 CVE-2009-1631 (The Mailer component in Evolution 2.26.1 and earlier uses ...)
 	- evolution <unfixed> (low; bug #526409)
@@ -298,6 +299,7 @@
 	- drupal6 6.11-1 (bug #526378)
 	- drupal5 5.17-1
 CVE-2009-1574 (racoon/isakmp_frag.c in ipsec-tools before 0.7.2 allows remote ...)
+	{DSA-1804-1}
 	- ipsec-tools 0.7.1-1.4 (medium; bug #527634)
 CVE-2009-1571
 	RESERVED
@@ -744,8 +746,8 @@
 	RESERVED
 CVE-2009-1419
 	RESERVED
-CVE-2009-1418
-	RESERVED
+CVE-2009-1418 (Cross-site scripting (XSS) vulnerability in HP System Management ...)
+	TODO: check
 CVE-2009-1417 (gnutls-cli in GnuTLS before 2.6.6 does not verify the activation and ...)
 	- gnutls26 2.6.6-1 (medium; bug #528281)
 	- gnutls13 <removed>
@@ -823,12 +825,12 @@
 	RESERVED
 CVE-2009-1380
 	RESERVED
-CVE-2009-1379
-	RESERVED
-CVE-2009-1378
-	RESERVED
-CVE-2009-1377
-	RESERVED
+CVE-2009-1379 (Use-after-free vulnerability in the dtls1_retrieve_buffered_fragment ...)
+	TODO: check
+CVE-2009-1378 (Multiple memory leaks in the dtls1_process_out_of_seq_message function ...)
+	TODO: check
+CVE-2009-1377 (The dtls1_buffer_record function in ssl/d1_pkt.c in OpenSSL 0.9.8k and ...)
+	TODO: check
 CVE-2009-1376
 	RESERVED
 CVE-2009-1375
@@ -1392,8 +1394,7 @@
 CVE-2009-1253 (James Stone Tunapie 2.1 allows local users to overwrite arbitrary ...)
 	{DSA-1764-1}
 	- tunapie 2.1.17-1
-CVE-2009-1252 [ntp authkey buffer overflow]
-	RESERVED
+CVE-2009-1252 (Stack-based buffer overflow in the crypto_recv function in ...)
 	{DSA-1801-1}
 	- ntp <unfixed>
 	NOTE: VU#853097

More information about the Secure-testing-commits mailing list