[Secure-testing-commits] r13006 - data/CVE

Nico Golde nion at alioth.debian.org
Tue Oct 13 15:27:39 UTC 2009 

Author: nion
Date: 2009-10-13 15:27:38 +0000 (Tue, 13 Oct 2009)
New Revision: 13006

Modified:
   data/CVE/list
Log:
- viewvc xss fixed in 1.0.9-1
- vmware-package has been removed


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-10-13 10:32:32 UTC (rev 13005)
+++ data/CVE/list	2009-10-13 15:27:38 UTC (rev 13006)
@@ -1310,7 +1310,7 @@
 CVE-2008-7183 (PHP remote file inclusion vulnerability in eva/index.php in EVA CMS ...)
 	NOT-FOR-US: EVA CMS
 CVE-2009-XXXX [viewvc: XSS and illegal characters while printing name-value pairs]
-	- viewvc <unfixed> (low; bug #545779)
+	- viewvc 1.0.9-1 (low; bug #545779)
 	NOTE: CVE id has been requested, fixed in 1.1.2
 CVE-2009-3082 (SQL injection vulnerability in wcategory.php in Snow Hall Silurus ...)
 	NOT-FOR-US: Snow Hall Silurus System
@@ -21202,7 +21202,7 @@
 CVE-2008-2101 (The VMware Consolidated Backup (VCB) command-line utilities in VMware ...)
 	NOT-FOR-US: VMware ESX
 CVE-2008-2100 (Multiple buffer overflows in VIX API 1.1.x before 1.1.4 build 93057 on ...)
-	- vmware-package <unfixed> (low; bug #485919)
+	- vmware-package <removed> (low; bug #485919)
 	[etch] - vmware-package <no-dsa> (Contrib not supported)
 	NOTE: vmware-package just builds vmware from downloaded tarballs, the package itself
 	NOTE: does not download them, however it needs to update its hashes for upstream tarballs
@@ -21210,7 +21210,7 @@
 	- vmware-package <not-affected> (Windows issue according to CVE)
 	[etch] - vmware-package <no-dsa> (Contrib not supported)
 CVE-2008-2098 (Heap-based buffer overflow in the VMware Host Guest File System (HGFS) ...)
-	- vmware-package <unfixed> (low; bug #484491)
+	- vmware-package <removed> (low; bug #484491)
 	[etch] - vmware-package <no-dsa> (Contrib not supported)
 	NOTE: vmware-package just builds vmware from downloaded tarballs, the package itself
 	NOTE: does not download them, however it needs to update its hashes for upstream tarballs
@@ -22872,7 +22872,7 @@
 	- plone3 <unfixed> (low; bug #473571; bug #486333)
 	[lenny] - plone3 <no-dsa> (Only an issue if not following best practices, see bug #473571)
 CVE-2008-1392 (The default configuration of VMware Workstation 6.0.2, VMware Player ...)
-	- vmware-package <unfixed> (low; bug #486177)
+	- vmware-package <removed> (low; bug #486177)
 	[etch] - vmware-package <no-dsa> (Contrib not supported)
 	NOTE: vmware-package just builds vmware from downloaded tarballs, the package itself
 	NOTE: does not download them, however it needs to update its hashes for upstream tarballs
@@ -22979,7 +22979,7 @@
 CVE-2008-1365 (Stack-based buffer overflow in Trend Micro OfficeScan Corporate ...)
 	NOT-FOR-US: Trend Micro OfficeScan Corporate Edition
 CVE-2008-1364 (Unspecified vulnerability in the DHCP service in VMware Workstation ...)
-	- vmware-package <unfixed> (low; bug #486177)
+	- vmware-package <removed> (low; bug #486177)
 	[etch] - vmware-package <no-dsa> (Contrib not supported)
 	NOTE: vmware-package just builds vmware from downloaded tarballs, the package itself
 	NOTE: does not download them, however it needs to update its hashes for upstream tarballs
@@ -23029,7 +23029,7 @@
 CVE-2008-1341 (SQL injection vulnerability in SearchResults.aspx in LaGarde ...)
 	NOT-FOR-US: LaGarde StoreFront
 CVE-2008-1340 (Virtual Machine Communication Interface (VMCI) in VMware Workstation ...)
-	- vmware-package <unfixed> (low; bug #486177)
+	- vmware-package <removed> (low; bug #486177)
 	[etch] - vmware-package <no-dsa> (Contrib not supported)
 	NOTE: vmware-package just builds vmware from downloaded tarballs, the package itself
 	NOTE: does not download them, however it needs to update its hashes for upstream tarballs
@@ -23963,7 +23963,7 @@
 CVE-2008-0968
 	RESERVED
 CVE-2008-0967 (Untrusted search path vulnerability in vmware-authd in VMware ...)
-	- vmware-package <unfixed> (low; bug #486110)
+	- vmware-package <removed> (low; bug #486110)
 	[etch] - vmware-package <no-dsa> (Contrib not supported)
 	NOTE: vmware-package just builds vmware from downloaded tarballs, the package itself
 	NOTE: does not download them, however it needs to update its hashes for upstream tarballs
@@ -29323,7 +29323,7 @@
 CVE-2007-5620 (Directory traversal vulnerability in admin/inc/help.php in ...)
 	NOT-FOR-US: ZZ:FlashChat
 CVE-2007-5619 (Unspecified vulnerability in VMware Server before 1.0.4 causes user ...)
-	- vmware-package <unfixed> (low; bug #486177)
+	- vmware-package <removed> (low; bug #486177)
 	[etch] - vmware-package <no-dsa> (Contrib not supported)
 	NOTE: vmware-package just builds vmware from downloaded tarballs, the package itself
 	NOTE: does not download them, however it needs to update its hashes for upstream tarballs
@@ -29331,7 +29331,7 @@
 	- vmware-package <not-affected> (Only vulnerable on windows hosted systems)
 	[etch] - vmware-package <no-dsa> (Contrib not supported)
 CVE-2007-5617 (Unspecified vulnerability in VMware Player 1.0.x before 1.0.5 and 2.0 ...)
-	- vmware-package <unfixed> (low; bug #486177)
+	- vmware-package <removed> (low; bug #486177)
 	[etch] - vmware-package <no-dsa> (Contrib not supported)
 	NOTE: vmware-package just builds vmware from downloaded tarballs, the package itself
 	NOTE: does not download them, however it needs to update its hashes for upstream tarballs

More information about the Secure-testing-commits mailing list