[Secure-testing-commits] r11975 - data/CVE

Nico Golde nion at alioth.debian.org
Mon May 25 23:35:20 UTC 2009 

Author: nion
Date: 2009-05-25 23:35:20 +0000 (Mon, 25 May 2009)
New Revision: 11975

Modified:
   data/CVE/list
Log:
- NFUs
- CVE-2009-0161 should be a dupe
- CVE-2009-1189 fixed in dbus 1.2.14-1


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-05-25 21:44:16 UTC (rev 11974)
+++ data/CVE/list	2009-05-25 23:35:20 UTC (rev 11975)
@@ -46,7 +46,7 @@
 CVE-2009-1739 (PAD Site Scripts 3.6 allows remote attackers to bypass authentication ...)
 	NOT-FOR-US: PAD Site Scripts
 CVE-2009-1738 (Cross-site scripting (XSS) vulnerability in Feed Block 6.x-1.x before ...)
-	TODO: check
+	NOT-FOR-US: Feed Block
 CVE-2009-1737 (Directory traversal vulnerability in bom.php in MyPic 2.1 allows ...)
 	NOT-FOR-US: MyPic
 CVE-2009-1736 (SQL injection vulnerability in the GridSupport (GS) Ticket System ...)
@@ -64,7 +64,7 @@
 CVE-2009-1730 (Multiple directory traversal vulnerabilities in NetMechanica ...)
 	NOT-FOR-US: NetDecision TFTP Server
 CVE-2009-1729 (Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System ...)
-	TODO: check
+	NOT-FOR-US: Sun Java System Communications Express
 CVE-2009-1728
 	RESERVED
 CVE-2009-1727
@@ -1923,7 +1923,7 @@
 CVE-2009-1190 (Algorithmic complexity vulnerability in the ...)
 	TODO: check
 CVE-2009-1189 (The _dbus_validate_signature_with_reason function ...)
-	TODO: check
+	- dbus 1.2.14-1
 CVE-2009-1188 (Integer overflow in the JBIG2 decoding feature in Poppler before ...)
 	- poppler 0.10.6-1 (medium; bug #524806)
 	[lenny] - poppler 0.8.7-2
@@ -5853,9 +5853,10 @@
 	- cups 1.3.10-1
 	- cupsys <removed>
 CVE-2009-0162 (Cross-site scripting (XSS) vulnerability in Safari before 3.2.3, and 4 ...)
-	TODO: check
+	NOT-FOR-US: Safari
 CVE-2009-0161 (The OpenSSL::OCSP module for Ruby in Apple Mac OS X 10.5 before 10.5.7 ...)
-	TODO: check
+	NOT-FOR-US: Mac OS X
+	NOTE: dupe of CVE-2009-0642
 CVE-2009-0160 (QuickDraw Manager in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 ...)
 	NOT-FOR-US: QuickDraw Manager
 CVE-2009-0159 (Stack-based buffer overflow in the cookedprint function in ntpq/ntpq.c ...)

More information about the Secure-testing-commits mailing list