[Secure-testing-commits] r13160 - in data: . CVE

Michael Gilbert gilbert-guest at alioth.debian.org
Fri Oct 30 22:42:49 UTC 2009 

Author: gilbert-guest
Date: 2009-10-30 22:42:49 +0000 (Fri, 30 Oct 2009)
New Revision: 13160

Modified:
   data/CVE/list
   data/embedded-code-copies
Log:
expat embeds and embeds in python

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-10-30 22:42:38 UTC (rev 13159)
+++ data/CVE/list	2009-10-30 22:42:49 UTC (rev 13160)
@@ -264,10 +264,50 @@
 CVE-2009-3720 [expat: dos]
 	RESERVED
 	{DSA-1921-1}
-	- expat <unfixed> (medium; bug #551936)
+	- expat <unfixed> (low; bug #551936)
 	- w3c-libwww <unfixed> (low; bug #551938)
 	[etch] - w3c-libwww <no-dsa> (Minor issue, only used by fringe apps)
-	- python-xml <unfixed> (medium; bug #551939)
+	- python-xml <unfixed> (low; bug #551939)
+	- python2.5 <unfixed> (low)
+	- python2.4 <unfixed> (low)
+        - wxwindows2.4 <removed> (low)
+        - wxwidgets2.6 <unfixed> (low)
+        - wxwidgets2.8 <unfixed> (low)
+        - python-celementree <unfixed> (low)
+        - audacity <unfixed> (low)
+        - matzana <unfixed> (low)
+        - tdom <unfixed> (low)
+        - udunits <unfixed> (low)
+        - apr-util <unfixed> (low)
+        - ayttm <unfixed> (low)
+        - cableswig <unfixed> (low)
+        - cadaver <unfixed> (low)
+        - cmake <unfixed> (low)
+        - coin3 <unfixed> (low)
+        - gdcm <unfixed> (low)
+        - ghostscript <unfixed> (low)
+        - grmonitor <unfixed> (low)
+        - iceape <unfixed> (low)
+        - insighttoolkit <unfixed> (low)
+        - libparagui1.1 <unfixed> (low)
+        - paraview <unfixed> (low)
+        - poco <unfixed> (low)
+        - simgear <unfixed> (low)
+        - sitecopy <unfixed> (low)
+        - smart <unfixed> (low)
+        - swish <unfixed> (low)
+        - tla <unfixed> (low)
+        - vtk <unfixed> (low)
+        - wbxml2 <unfixed> (low)
+        - xmlrpc-c <unfixed> (low)
+        - iceweasel <unfixed> (low)
+        - kompozer <unfixed> (low)
+        - vxl <unfixed> (low)
+        - xulrunner <unfixed> (low)
+        - apache2 <unfixed> (low)
+        - texlive-bin <unfixed> (low)
+        - vnc4 <unfixed> (low)
+        - xotcl <unfixed> (low)
 CVE-2009-3719 (Cross-site scripting (XSS) vulnerability in comment.asp in Battle Blog ...)
 	NOT-FOR-US: Battle Blog
 CVE-2009-3718 (SQL injection vulnerability in admin/authenticate.asp in Battle Blog ...)

Modified: data/embedded-code-copies
===================================================================
--- data/embedded-code-copies	2009-10-30 22:42:38 UTC (rev 13159)
+++ data/embedded-code-copies	2009-10-30 22:42:49 UTC (rev 13160)
@@ -123,6 +123,8 @@
 	NOTE: inherited from fpc, see #472304
 	- erlang <unfixed> (embed)
 	- gamera 3.2.3-1 (embed)
+	- python2.4 <unfixed> (embed; bug #553403)
+	- python2.5 <unfixed> (embed; bug #553403)
 
 dulwich
         - hg-git 0.1.0-1 (embed; bug #541996)
@@ -196,8 +198,7 @@
 	- gcvs <unfixed> (embed)
 	NOTE: see cvsunix/src in tarball
 
-pcre
-	- python* <unfixed> (embed)
+pcre3
 	- php4 <unknown> (embed)
 	- analog 2:5.23-0woody1 (embed)
 	- goffice <unfixed> (embed)
@@ -985,6 +986,46 @@
 	- w3c-libwww <removed> (embed; bug #551941)
 	[etch] - w3c-libwww <unfixed> (embed; bug #551941) [./modules/expat/*]
 	- python-xml <unfixed> (embed; bug #551940) [./extensions/expat/*]
+	- python2.5 <unfixed> (embed; bug #553403) [./Modules/expat/*]
+	- python2.4 <unfixed> (embed; bug #553403)
+	- wxwindows2.4 <removed> (embed)
+	- wxwidgets2.6 <unfixed> (embed)
+	- wxwidgets2.8 <unfixed> (embed)
+	- python-celementree <unfixed> (embed)
+	- audacity <unfixed> (embed)
+	- matzana <unfixed> (embed)
+	- tdom <unfixed> (embed)
+	- udunits <unfixed> (embed)
+	- apr-util <unfixed> (embed)
+	- ayttm <unfixed> (embed)
+	- cableswig <unfixed> (embed)
+	- cadaver <unfixed> (embed)
+	- cmake <unfixed> (embed)
+	- coin3 <unfixed> (embed)
+	- gdcm <unfixed> (embed)
+	- ghostscript <unfixed> (embed)
+	- grmonitor <unfixed> (embed)
+	- iceape <unfixed> (embed)
+	- insighttoolkit <unfixed> (embed)
+	- libparagui1.1 <unfixed> (embed)
+	- paraview <unfixed> (embed)
+	- poco <unfixed> (embed)
+	- simgear <unfixed> (embed)
+	- sitecopy <unfixed> (embed)
+	- smart <unfixed> (embed)
+	- swish <unfixed> (embed)
+	- tla <unfixed> (embed)
+	- vtk <unfixed> (embed)
+	- wbxml2 <unfixed> (embed)
+	- xmlrpc-c <unfixed> (embed)
+	- iceweasel <unfixed> (embed)
+	- kompozer <unfixed> (embed)
+	- vxl <unfixed> (embed)
+	- xulrunner <unfixed> (embed)
+	- apache2 <unfixed> (embed)
+	- texlive-bin <unfixed> (embed) [included twice]
+	- vnc4 <unfixed> (embed)
+	- xotcl <unfixed> (embed)
 
 xerces-c
 	- xerces-c2 <unfixed> (old-version)
@@ -1045,3 +1086,7 @@
 	- python-whoosh <unknown> (embed)
 	- twill <unknown> (embed)
 	- zope-textindexng3 <unknown> (embed)
+
+python-pysqlite2
+	- python2.4 <unfixed> (embed; bug #553403)
+	- python2.5 <unfixed> (embed; bug #553403)

More information about the Secure-testing-commits mailing list