[Secure-testing-commits] r12873 - in data: . CVE
Giuseppe Iuculano
derevko-guest at alioth.debian.org
Wed Sep 23 07:06:03 UTC 2009
Author: derevko-guest
Date: 2009-09-23 07:06:01 +0000 (Wed, 23 Sep 2009)
New Revision: 12873
Modified:
data/CVE/list
data/ospu-candidates.txt
data/spu-candidates.txt
Log:
- NFUs
- planet issue no-dsa
- chromium itp
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-09-23 06:31:44 UTC (rev 12872)
+++ data/CVE/list 2009-09-23 07:06:01 UTC (rev 12873)
@@ -1,57 +1,57 @@
CVE-2009-3270 (Microsoft Internet Explorer 7 through 7.0.6000.16711 allows remote ...)
- TODO: check
+ NOT-FOR-US: Microsoft Internet Explorer 7
CVE-2009-3269 (Opera 9.52 and earlier allows remote attackers to cause a denial of ...)
- TODO: check
+ NOT-FOR-US: Opera
CVE-2009-3268 (Google Chrome 1.0.154.48 and earlier allows remote attackers to cause ...)
- TODO: check
+ - chromium-browser <itp> (bug #520324)
CVE-2009-3267 (Microsoft Internet Explorer 6 through 6.0.2900.2180, and ...)
- TODO: check
+ NOT-FOR-US: Microsoft Internet Explorer
CVE-2009-3266 (Unspecified vulnerability in Opera 9 and 10 allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: Opera
CVE-2009-3265 (Cross-site scripting (XSS) vulnerability in Opera 9 and 10 allows ...)
- TODO: check
+ NOT-FOR-US: Opera
CVE-2009-3264 (The getSVGDocument method in Google Chrome before 3.0.195.21 omits an ...)
- TODO: check
+ - chromium-browser <itp> (bug #520324)
CVE-2009-3263 (Cross-site scripting (XSS) vulnerability in Google Chrome 2.x and 3.x ...)
- TODO: check
+ - chromium-browser <itp> (bug #520324)
CVE-2009-3262 (Cross-site scripting (XSS) vulnerability in the Self Service UI (SSUI) ...)
- TODO: check
+ NOT-FOR-US: IBM Tivoli Identity Manager
CVE-2009-3261 (update/update_0.1.2_to_0.2.php in LiveStreet 0.2 does not require ...)
- TODO: check
+ NOT-FOR-US: LiveStreet
CVE-2009-3260 (Cross-site scripting (XSS) vulnerability in LiveStreet 0.2 allows ...)
- TODO: check
+ NOT-FOR-US: LiveStreet
CVE-2009-3259 (Multiple SQL injection vulnerabilities in RASH Quote Management System ...)
- TODO: check
+ NOT-FOR-US: RASH Quote Management System (RQMS)
CVE-2009-3258 (vtiger CRM before 5.1.0 allows remote authenticated users, with ...)
- TODO: check
+ NOT-FOR-US: vtiger CRM
CVE-2009-3257 (vtiger CRM before 5.1.0 allows remote authenticated users to bypass ...)
- TODO: check
+ NOT-FOR-US: vtiger CRM
CVE-2009-3256 (Cross-site scripting (XSS) vulnerability in include/ajax/blogInfo.php ...)
- TODO: check
+ NOT-FOR-US: LiveStreet
CVE-2009-3255 (SQL injection vulnerability in RASH Quote Management System (RQMS) ...)
- TODO: check
+ NOT-FOR-US: RASH Quote Management System (RQMS)
CVE-2009-3254 (Multiple stack-based buffer overflows in Ultimate Player 1.56 beta ...)
- TODO: check
+ NOT-FOR-US: Ultimate Player
CVE-2009-3253 (Stack-based buffer overflow in TriceraSoft Swift Ultralite 1.032 ...)
- TODO: check
+ NOT-FOR-US: TriceraSoft Swift Ultralite
CVE-2009-3252 (Multiple SQL injection vulnerabilities in news.php in Rock Band CMS ...)
- TODO: check
+ NOT-FOR-US: Rock Band CMS
CVE-2009-3251 (include/utils/ListViewUtils.php in vtiger CRM before 5.1.0 allows ...)
- TODO: check
+ NOT-FOR-US: vtiger CRM
CVE-2009-3250 (The saveForwardAttachments procedure in the Compose Mail functionality ...)
- TODO: check
+ NOT-FOR-US: vtiger CRM
CVE-2009-3249 (Multiple directory traversal vulnerabilities in vtiger CRM 5.0.4 allow ...)
- TODO: check
+ NOT-FOR-US: vtiger CRM
CVE-2009-3248 (Cross-site request forgery (CSRF) vulnerability in the RSS module in ...)
- TODO: check
+ NOT-FOR-US: vtiger CRM
CVE-2009-3247 (Cross-site scripting (XSS) vulnerability in the Activities module in ...)
- TODO: check
+ NOT-FOR-US: vtiger CRM
CVE-2009-3246 (SQL injection vulnerability in spnews.php in MyBuxScript PTC-BUX ...)
- TODO: check
+ NOT-FOR-US: MyBuxScript PTC-BUX
CVE-2008-7246 (Google Chrome 0.2.149.29 and earlier allows remote attackers to cause ...)
- TODO: check
+ - chromium-browser <itp> (bug #520324)
CVE-2008-7245 (Opera 9.52 and earlier allows remote attackers to cause a denial of ...)
- TODO: check
+ NOT-FOR-US: Opera
CVE-2008-7244 (Mozilla Firefox 3.0.1 and earlier allows remote attackers to cause a ...)
TODO: check
CVE-2009-3245
@@ -1181,7 +1181,13 @@
CVE-2009-2938
RESERVED
CVE-2009-2937 (Cross-site scripting (XSS) vulnerability in Planet 2.0 and Planet ...)
- TODO: check
+ - planet <removed> (low; bug #546178)
+ [lenny] - planet <no-dsa> (Minor issue)
+ [etch] - planet <no-dsa> (Minor issue)
+ - planet-venus <unfixed> (low; bug #546179)
+ [lenny] - planet-venus <no-dsa> (Minor issue)
+ [etch] - planet-venus <no-dsa> (Minor issue)
+
CVE-2009-2936
RESERVED
CVE-2009-2935 (Google V8, as used in Google Chrome before 2.0.172.43, allows remote ...)
@@ -1822,7 +1828,7 @@
CVE-2009-2742
RESERVED
CVE-2009-2741 (Unspecified vulnerability in the wberuntimeear application in the test ...)
- TODO: check
+ NOT-FOR-US: IBM WebSphere Business Events
CVE-2009-2740 (kmxIds.sys before 7.3.1.18 in CA Host-Based Intrusion Prevention ...)
NOT-FOR-US: CA Host-Based Intrusion Prevention System (HIPS)
CVE-2009-2739 (Cross-site scripting (XSS) vulnerability in FreeNAS before 0.69.2 ...)
Modified: data/ospu-candidates.txt
===================================================================
--- data/ospu-candidates.txt 2009-09-23 06:31:44 UTC (rev 12872)
+++ data/ospu-candidates.txt 2009-09-23 07:06:01 UTC (rev 12873)
@@ -551,6 +551,11 @@
--
+planet (CVE-2009-2937)
+bug #546178
+
+--
+
pptp-linux (no CVE)
#523476
Ola will prepare a fix in a point update
Modified: data/spu-candidates.txt
===================================================================
--- data/spu-candidates.txt 2009-09-23 06:31:44 UTC (rev 12872)
+++ data/spu-candidates.txt 2009-09-23 07:06:01 UTC (rev 12873)
@@ -267,6 +267,17 @@
--
+planet (CVE-2009-2937)
+bug #546178
+notified maintainer through initial bugreport
+
+--
+
+planet-venus (CVE-2009-2937)
+bug #546179
+
+--
+
webkit (CVE-2008-4724)
#520052
asked maintainer
More information about the Secure-testing-commits
mailing list