[Secure-testing-commits] r13273 - in data: . CVE

Michael Gilbert gilbert-guest at alioth.debian.org
Tue Nov 10 22:36:34 UTC 2009 

Author: gilbert-guest
Date: 2009-11-10 22:36:34 +0000 (Tue, 10 Nov 2009)
New Revision: 13273

Modified:
   data/CVE/list
   data/embedded-code-copies
Log:
various updates

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-11-10 21:14:29 UTC (rev 13272)
+++ data/CVE/list	2009-11-10 22:36:34 UTC (rev 13273)
@@ -1,3 +1,5 @@
+CVE-2009-XXXX [dansguardian: not blocking sites]
+	- dansguardian <unfixed> (low; bug #548108)
 CVE-2009-3924 (Buffer overflow in pbsv.dll, as used in Soldier of Fortune II and ...)
 	TODO: check
 CVE-2009-3923 (The VirtualBox 2.0.8 and 2.0.10 web service in Sun Virtual Desktop ...)
@@ -1214,8 +1216,8 @@
 	NOT-FOR-US: RADactive I-Load
 CVE-2009-XXXX [ffmpeg missing input sanitization/crashes]
 	- ffmpeg <unfixed> (medium; bug #550442)
-	- xmovie <removed>
-	- ffmpeg-debian <removed>
+	- xmovie <removed> (medium)
+	- ffmpeg-debian <removed> (medium)
 	NOTE: https://roundup.ffmpeg.org/roundup/ffmpeg/issue1240
 	NOTE: https://roundup.ffmpeg.org/roundup/ffmpeg/issue1245
 CVE-2009-XXXX [xen-tools: world readable disk image files]
@@ -1935,6 +1937,7 @@
 	[lenny] - libaws <no-dsa> (minor issue)
 	- libjson-ruby 1.1.4-1 (low; bug #555223)
 	[lenny] - libjson-ruby <no-dsa> (minor issue)
+	TODO: next point release [lenny] - libjson-ruby 1.1.2-1+lenny1
 	- lucene2 <unfixed> (low; bug #555225)
 	[etch] - lucene2 <not-affected> (prototype.js not present)
 	[lenny] - lucene2 <no-dsa> (minor issue)
@@ -1976,7 +1979,7 @@
 	[lenny] - activeldap <no-dsa> (minor issue)
 	- mantis 1.1.8+dfsg-3 (low; bug #555264)
 	[lenny] - mantis <no-dsa> (minor issue)
-	- otrs2 <unfixed> (low; bug #555266)
+	- otrs2 2.3.4-6 (low; bug #555266)
 	[etch] - otrs2 <not-affected> (prototype.js not present)
 	[lenny] - otrs2 <not-affected> (prototype.js not present)
 	- webcalendar <unfixed> (low; bug #555268)

Modified: data/embedded-code-copies
===================================================================
--- data/embedded-code-copies	2009-11-10 21:14:29 UTC (rev 13272)
+++ data/embedded-code-copies	2009-11-10 22:36:34 UTC (rev 13273)
@@ -266,6 +266,7 @@
 faad2
 	- mplayer 1.0~rc2-20 (embed)
 	- avifile <unfixed> (embed; bug #538750)
+	- ffmpeg-debian <removed> (old-version)
 
 libmad (MPEG decoding lib)
 	- xine-lib <unfixed> (embed)
@@ -672,7 +673,7 @@
 	- activeldap <unfixed> (embed)			
 	- libv8 <not-affected> (contains a google-specific implementation of prototype.js)
 	- mantis <unfixed> (embed; bug #555265)
-	- otrs2 <unfixed> (embed; bug #555267)
+	- otrs2 2.3.4-6 (embed; bug #555267)
 	- webcalendar <unfixed> (embed; bug #555269)
 	- redmine 0.9.0~svn2907-1 (embed; bug #555270)
 	- jifty <unfixed> (embed; bug #555271)
@@ -1333,3 +1334,9 @@
 
 mootools
 	- gmic <itp> (embed)
+
+openldap
+	- openldap2.3 <removed> (old-version)
+
+grub2
+	- grub <unfixed> (old-version)

More information about the Secure-testing-commits mailing list