[Secure-testing-commits] r13060 - data/CVE

Giuseppe Iuculano derevko-guest at alioth.debian.org
Wed Oct 21 19:58:56 UTC 2009 

Author: derevko-guest
Date: 2009-10-21 19:58:56 +0000 (Wed, 21 Oct 2009)
New Revision: 13060

Modified:
   data/CVE/list
Log:
wordpress 2.8.5-1 fixed CVE-2009-2911
NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-10-21 19:31:17 UTC (rev 13059)
+++ data/CVE/list	2009-10-21 19:58:56 UTC (rev 13060)
@@ -1,3 +1,11 @@
+CVE-2009-3733
+	RESERVED
+CVE-2009-3732
+	RESERVED
+CVE-2009-3731
+	RESERVED
+CVE-2009-3730 (Multiple cross-site scripting (XSS) vulnerabilities in the ReqWeb Help ...)
+	NOT-FOR-US: ReqWeb
 CVE-2009-3729
 	RESERVED
 CVE-2009-3728
@@ -220,8 +228,10 @@
 	RESERVED
 CVE-2009-3623
 	RESERVED
-CVE-2009-3622
+CVE-2009-3622 [wordpress: Trackback DoS]
 	RESERVED
+	- wordpress 2.8.5-1
+	NOTE: http://seclists.org/fulldisclosure/2009/Oct/263
 CVE-2009-3621 [linux-2.6: denial-of-service via deadlock]
 	RESERVED
 	- linux-2.6 <unfixed> (low)
@@ -234,12 +244,11 @@
 	RESERVED
 CVE-2009-3618
 	RESERVED
-CVE-2009-3617
-	RESERVED
+CVE-2009-3617 (Format string vulnerability in the AbstractCommand::onAbort function ...)
+	TODO: check
 CVE-2009-3616
 	RESERVED
-CVE-2009-3615 [pidgin ICQ DoS]
-	RESERVED
+CVE-2009-3615 (The OSCAR protocol plugin in libpurple in Pidgin before 2.6.3 and ...)
 	- pidgin 2.6.3-1
 	NOTE: http://pidgin.im/news/security/?id=41
 CVE-2009-3614 [oping suid 0 arbitrary file disclosure]
@@ -970,8 +979,7 @@
 	RESERVED
 CVE-2009-3297
 	RESERVED
-CVE-2009-3296 [camlimages: tiffread.c integer overflows]
-	RESERVED
+CVE-2009-3296 (Multiple integer overflows in tiffread.c in CamlImages 2.2 might allow ...)
 	{DSA-1912-1}
 	- camlimages <unfixed> (low)
 	- advi <unfixed> (low; bug #551282)
@@ -2419,8 +2427,7 @@
 	RESERVED
 	- linux-2.6 <unfixed> (medium)
 	- linux-2.6.24 <unfixed> (medium)
-CVE-2009-2909 [linux-2.6: incorrect signedness check in net ax25]
-	RESERVED
+CVE-2009-2909 (Integer signedness error in the ax25_setsockopt function in ...)
 	- linux-2.6 <unfixed> (medium)
 	- linux-2.6.24 <removed> (medium)
 CVE-2009-2908 (The d_delete function in fs/ecryptfs/inode.c in eCryptfs in the Linux ...)

More information about the Secure-testing-commits mailing list