[Secure-testing-commits] r13358 - in data: . CVE
Michael Gilbert
gilbert-guest at alioth.debian.org
Tue Nov 24 03:50:07 UTC 2009
Author: gilbert-guest
Date: 2009-11-24 03:50:06 +0000 (Tue, 24 Nov 2009)
New Revision: 13358
Modified:
data/CVE/list
data/embedded-code-copies
Log:
- bugs submitted for kvm issues
- kernel triage
- prototypejs updates
- bugs submitted for libjs-yui issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-11-24 00:52:56 UTC (rev 13357)
+++ data/CVE/list 2009-11-24 03:50:06 UTC (rev 13358)
@@ -85,9 +85,8 @@
CVE-2009-4006 (Stack-based buffer overflow in the TEA decoding algorithm in RhinoSoft ...)
NOT-FOR-US: Serv-U FTP server
CVE-2009-4005 (The collect_rx_frame function in drivers/isdn/hisax/hfc_usb.c in the ...)
- - linux-2.6 <unfixed>
- - linux-2.6.24 <removed>
- TODO: check
+ - linux-2.6 <unfixed> (low)
+ - linux-2.6.24 <removed> (low)
CVE-2009-4003
RESERVED
CVE-2009-4002
@@ -183,10 +182,9 @@
- php4 <unfixed> (medium)
NOTE: workarounds include using 5.3.1 or php5-suhosin
NOTE: 4B068517.802 at acunetix.com on bugtraq explains it
-CVE-2009-XXXX [array indexing error in gdth_read_event() in drivers/scsi/gdth.c]
- - linux-2.6 <unfixed>
- - linux-2.6.24 <removed>
- TODO: check
+CVE-2009-3080 [array indexing error in gdth_read_event() in drivers/scsi/gdth.c]
+ - linux-2.6 <unfixed> (medium)
+ - linux-2.6.24 <removed> (medium)
NOTE: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=690e744869f3262855b83b4fb59199cf142765b0
CVE-2009-XXXX [command injection in the Mail pear module]
- php-mail 1.1.14-2 (medium; bug #557121)
@@ -249,11 +247,10 @@
- linux-2.6 <unfixed> (low)
- linux-2.6.24 <removed> (low)
CVE-2009-4004 (Buffer overflow in the kvm_vcpu_ioctl_x86_setup_mce function in ...)
- - linux-2.6 <unfixed>
+ - linux-2.6 <unfixed> (medium)
[etch] - linux-2.6 <not-affected> (kvm introduced in 2.6.25)
- linux-2.6.24 <not-affected> (kvm introduced in 2.6.25)
- - kvm <unfixed>
- TODO: check
+ - kvm <unfixed> (medium; bug #557736)
NOTE: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=a9e38c3e01ad242fe2a625354cf065c34b01e3aa
CVE-2009-3937 (Memory leak in Solaris TCP sockets in Sun OpenSolaris snv_106 through ...)
NOT-FOR-US: Sun OpenSolaris
@@ -741,8 +738,7 @@
[etch] - linux-2.6 <not-affected> (issue introduced in 2.6.30-rc1)
[lenny] - linux-2.6 <not-affected> (issue introduced in 2.6.30-rc1)
- linux-2.6 2.6.31-1 (low)
- - kvm <unfixed> (low)
- TODO: check kvm
+ - kvm <unfixed> (low; bug #557739)
NOTE: http://bugzilla.redhat.com/531660
NOTE: http://git.kernel.org/linus/0a79b009525b160081d75cef5dbf45817956acf2
CVE-2009-3721
@@ -964,7 +960,7 @@
[lenny] - linux-2.6 <not-affected> (introduced post 2.6.27)
[etch] - linux-2.6 <not-affected> (introduced post 2.6.27)
- linux-2.6.24 <not-affected> (introduced post 2.6.27)
- - kvm <unfixed>
+ - kvm <unfixed> (medium; bug #557737)
[lenny] - kvm <not-affected> (Vulnerable code not present)
CVE-2009-3639 (The mod_tls module in ProFTPD before 1.3.2b, and 1.3.3 before ...)
{DSA-1925-1}
@@ -1228,8 +1224,9 @@
CVE-2009-3554
RESERVED
CVE-2009-3553 (Use-after-free vulnerability in the abstract file-descriptor handling ...)
- - cups <unfixed>
- TODO: check
+ - cups <unfixed> (low; bug #557740)
+ [lenny] - cups <no-dsa> (minor issue)
+ - cupsys <not-affected> (vulnerable code introduced in 1.3.x)
NOTE: http://www.cups.org/newsgroups.php/s1+gcups.bugs?s1+gcups.bugs+v4+T+Q3200
CVE-2009-3552
RESERVED
@@ -2216,7 +2213,7 @@
- libjson-ruby 1.1.4-1 (low; bug #555223)
[lenny] - libjson-ruby <no-dsa> (minor issue)
TODO: next point release [lenny] - libjson-ruby 1.1.2-1+lenny1
- - lucene2 <unfixed> (low; bug #555225)
+ - lucene2 2.9.1+ds1-2 (low; bug #555225)
[etch] - lucene2 <not-affected> (prototype.js not present)
[lenny] - lucene2 <no-dsa> (minor issue)
- glpi 0.72.3-1 (low; bug #555228)
@@ -2235,15 +2232,13 @@
[lenny] - ebug-http <no-dsa> (Minor issue)
- poker-network <unfixed> (low; bug #555237)
[etch] - poker-network <no-dsa> (minor issue)
- - webhelpers <unfixed> (low; bug #555239)
- [etch] - webhelpers <not-affected> (prototype.js not present)
- [lenny] - webhelpers <no-dsa> (minor issue)
+ - webhelpers 0.3.4-2 (low; bug #555239)
- qwik <unfixed> (low; bug #555240)
[etch] - qwik <no-dsa> (minor issue)
[lenny] - qwik <no-dsa> (minor issue)
- wordpress 2.5.0-2 (low; bug #555242)
[etch] - wordpress <not-affected> (prototype.js not present)
- - exaile <unfixed> (low; bug #555244)
+ - exaile 0.2.14+debian-2.1 (low; bug #555244)
[lenny] - exaile <no-dsa> (minor issue)
- hobix 0.5~svn20070319-4 (low; bug #555246)
[lenny] - hobix <no-dsa> (minor issue)
@@ -2618,8 +2613,6 @@
NOT-FOR-US: Snow Hall Silurus System
CVE-2009-3081 (SQL injection vulnerability in index.php in Uiga Church Portal allows ...)
NOT-FOR-US: Uiga Church Portal
-CVE-2009-3080 (Array index error in the gdth_read_event function in ...)
- TODO: check
CVE-2009-3079 (Unspecified vulnerability in Mozilla Firefox before 3.0.14, and 3.5.x ...)
{DSA-1886-1}
- iceweasel 3.0.14-1
@@ -5418,6 +5411,7 @@
{DSA-1846-1 DSA-1845-1}
- linux-2.6 2.6.30-2 (low)
- linux-2.6.24 <removed>
+ - kvm <unfixed> (low; bug #557737)
CVE-2009-2285 (Buffer underflow in the LZWDecodeCompat function in libtiff 3.8.2 ...)
{DSA-1835-1}
- tiff 3.8.2-12 (low; bug #534137)
@@ -38910,7 +38904,16 @@
CVE-2007-2386 (Buffer overflow in mDNSResponder in Apple Mac OS X 10.4 up to 10.4.9 ...)
NOT-FOR-US: Apple mDNSResponder
CVE-2007-2385 (The Yahoo! UI framework exchanges data using JavaScript Object ...)
- TODO: check yui
+ - yui <unfixed> (low; bug #557745)
+ [lenny] - yui <no-dsa> (minor issue)
+ - bcfg2 <not-affected> (present in source but not included in any binary files)
+ - serendipity <unfixed> (low; bug #557746)
+ [etch] - serendipity <no-dsa> (minor issue)
+ [lenny] - serendipity <no-dsa> (minor issue)
+ - moodle <not-affected> (uses system libjs-yui)
+ - jifty <unfixed> (low; bug #557748)
+ - webgui <not-affected> (uses system libjs-yui)
+ - loggerhead <not-affected> (uses system libjs-yui)
NOTE: see http://www.fortifysoftware.com/servlet/downloads/public/JavaScript_Hijacking.pdf
NOTE: This allows to steal data from affected websites. Therefore web applications should
NOTE: only be considered vunerabile if they process confidential data.
@@ -38931,7 +38934,7 @@
[etch] - libaws <no-dsa> (minor issue)
[lenny] - libaws <no-dsa> (minor issue)
- libjson-ruby <not-affected> (has prototype.js >= 1.5.1)
- - lucene2 <unfixed> (low; bug #555225)
+ - lucene2 2.9.1+ds1-2 (low; bug #555225)
[etch] - lucene2 <not-affected> (prototype.js not present)
[lenny] - lucene2 <no-dsa> (minor issue)
- glpi 0.72.3-1 (low; bug #555228)
Modified: data/embedded-code-copies
===================================================================
--- data/embedded-code-copies 2009-11-24 00:52:56 UTC (rev 13357)
+++ data/embedded-code-copies 2009-11-24 03:50:06 UTC (rev 13358)
@@ -652,7 +652,7 @@
- webcit <unfixed> (embed; bug #555219)
- asterisk 1:1.6.2.0~rc3-1 (embed)
- libjson-ruby 1.1.4-1 (embed; bug #555224)
- - lucene2 <unfixed> (embed; bug #555226)
+ - lucene2 2.9.1+ds1-2 (embed; bug #555226)
- horde3 <unfixed> (embed)
- knowledgeroot <unfixed> (embed; bug #555230)
- mediatomb <unfixed> (embed; bug #555233)
@@ -665,7 +665,7 @@
- zope <not-affected> (the prototypejs embed is not in any of the obvious zope packages, e.g. zope2.9, zope2.10, zope2.11, and zope3)
TODO: search through all of the other zope packages
- ampache 3.4.1-2 (embed)
- - exaile <unfixed> (embed; bug #555245)
+ - exaile 0.2.14+debian-2.1 (embed; bug #555245)
- hobix 0.5~svn20070319-4 (embed; bug #555247)
- zabbix 1.6.6-4 (embed; bug #555250)
- chora2 <unfixed> (embed; bug #555253)
@@ -1355,3 +1355,14 @@
python-dateutil
- awn-extras-applets <unfixed> (embed)
- matplotlib <unknown> (embed)
+
+cups
+ - cupsys <removed> (old-version)
+
+yui
+ - bcfg2 <not-affected> (present in source but not included in any binary files)
+ - serendipity <unfixed> (embed; bug #557746)
+ - moodle 1.8.2.dfsg-5 (embed)
+ - jifty <unfixed> (embed; bug #557748)
+ - webgui 7.7.26-1 (embed)
+ - loggerhead 1.17-1 (embed)
More information about the Secure-testing-commits
mailing list