[Secure-testing-commits] r13105 - data/CVE
Raphael Geissert
geissert at alioth.debian.org
Tue Oct 27 19:07:11 UTC 2009
Author: geissert
Date: 2009-10-27 19:07:10 +0000 (Tue, 27 Oct 2009)
New Revision: 13105
Modified:
data/CVE/list
Log:
new asterisk, markdown issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-10-27 07:13:16 UTC (rev 13104)
+++ data/CVE/list 2009-10-27 19:07:10 UTC (rev 13105)
@@ -1,3 +1,12 @@
+CVE-2009-XXXX [python-markdown Script Insertion Vulnerabilities]
+ - python-markdown <unfixed>
+ TODO: check
+ NOTE: http://secunia.com/advisories/37142/
+CVE-2009-XXXX [Unauthorized calls allowed on prohibited networks in asterisk]
+ [etch] - asterisk <not-affected>
+ [lenny] - asterisk <not-affected>
+ - asterisk <unfixed> (medium)
+ NOTE: http://downloads.asterisk.org/pub/security/AST-2009-007.html
CVE-2009-XXXX [NULL dereferences, similar to Adobe's CVE-2009-0658]
- ghostscript <unfixed>
- xpdf <unfixed>
@@ -341,7 +350,7 @@
- typo3-src 4.2.10-1 (medium; bug #552020)
CVE-2009-3627 ["decode_entities()" Denial of Service]
RESERVED
- - libhtml-parser-perl <unfixed> (bug filed)
+ - libhtml-parser-perl <unfixed> (bug #552531)
NOTE: http://secunia.com/advisories/37155/
CVE-2009-3626 [perl utf8 DoS]
RESERVED
@@ -565,7 +574,7 @@
CVE-2009-3547
RESERVED
CVE-2009-3546 (The _gdGetColors function in gd_gd.c in PHP 5.2.11 and 5.3.0, and the ...)
- - libgd2 <unfixed> (medium; bug filed)
+ - libgd2 <unfixed> (medium; bug #552534)
- php5 <not-affected> (the php packages use the system libgd2)
NOTE: http://svn.php.net/viewvc?view=revision&revision=289557
NOTE: <20091015173822.084de220 at redhat.com> in OSS-sec
More information about the Secure-testing-commits
mailing list