[Secure-testing-commits] r13148 - data/CVE

[Raphael Geissert]

Author: geissert
Date: 2009-10-29 18:25:52 +0000 (Thu, 29 Oct 2009)
New Revision: 13148

Modified:
   data/CVE/list
Log:
asterisk and python-markdown already CVEfied, remove mandos' TODO


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-10-29 16:32:42 UTC (rev 13147)
+++ data/CVE/list	2009-10-29 18:25:52 UTC (rev 13148)
@@ -109,15 +109,6 @@
 	TODO: check
 CVE-2009-3778 (SQL injection vulnerability in Moodle Course List 6.x before 6.x-1.2, ...)
 	TODO: check
-CVE-2009-XXXX [python-markdown Script Insertion Vulnerabilities]
-	- python-markdown <unfixed>
-	TODO: check
-	NOTE: http://secunia.com/advisories/37142/
-CVE-2009-XXXX [Unauthorized calls allowed on prohibited networks in asterisk]
-	[etch] - asterisk <not-affected>
-	[lenny] - asterisk <not-affected>
-	- asterisk <unfixed> (medium)
-	NOTE: http://downloads.asterisk.org/pub/security/AST-2009-007.html
 CVE-2009-XXXX [NULL dereferences, similar to Adobe's CVE-2009-0658]
 	- ghostscript <unfixed>
 	- xpdf <unfixed>
@@ -228,7 +219,6 @@
 	RESERVED
 CVE-2009-XXXX [mandos 0600 file being included in initrd]
 	- mandos 1.0.13-1 (bug #551907)
-	TODO: determine real impact
 CVE-2009-3733
 	RESERVED
 CVE-2009-3732
@@ -247,10 +237,17 @@
 	RESERVED
 CVE-2009-3725
 	RESERVED
-CVE-2009-3724
+CVE-2009-3724 [python-markdown Script Insertion Vulnerabilities]
 	RESERVED
-CVE-2009-3723
+	- python-markdown <unfixed>
+	TODO: check
+	NOTE: http://secunia.com/advisories/37142/
+CVE-2009-3723 [Unauthorized calls allowed on prohibited networks in asterisk]
 	RESERVED
+	[etch] - asterisk <not-affected>
+	[lenny] - asterisk <not-affected>
+	- asterisk <unfixed> (medium)
+	NOTE: http://downloads.asterisk.org/pub/security/AST-2009-007.html
 CVE-2009-3722 [kvm: check cpl before emulating debug register access]
 	RESERVED
 	[etch] - linux-2.6 <not-affected> (issue introduced in 2.6.30-rc1)