[Secure-testing-commits] r12905 - data/CVE

Nico Golde nion at alioth.debian.org
Wed Sep 30 16:41:49 UTC 2009 

Author: nion
Date: 2009-09-30 16:41:49 +0000 (Wed, 30 Sep 2009)
New Revision: 12905

Modified:
   data/CVE/list
Log:
- NFUs
- new kernel issue (CVE-2009-3280)


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-09-30 07:18:37 UTC (rev 12904)
+++ data/CVE/list	2009-09-30 16:41:49 UTC (rev 12905)
@@ -2,35 +2,35 @@
 	- xen-tools <unfixed> (low; bug #548909)
 	TODO: request CVE id
 CVE-2009-3446 (SQL injection vulnerability in the MyRemote Video Gallery (com_mytube) ...)
-	TODO: check
+	NOT-FOR-US: com_mytube component for Joomla!
 CVE-2009-3445 (Unspecified vulnerability in Code-Crafters Ability Mail Server before ...)
-	TODO: check
+	NOT-FOR-US: Ability Mail Server
 CVE-2009-3444 (Cross-site scripting (XSS) vulnerability in email.php in e107 0.7.16 ...)
-	TODO: check
+	NOT-FOR-US: e107
 CVE-2009-3443 (SQL injection vulnerability in the Fastball (com_fastball) component ...)
-	TODO: check
+	NOT-FOR-US: com_fastball component for Joomla!
 CVE-2009-3442 (The Meta tags (aka Nodewords) module before 6.x-1.1 for Drupal does ...)
-	TODO: check
+	NOT-FOR-US: Nodewords module for Drupal
 CVE-2009-3441 (Open Source Security Information Management (OSSIM) before 2.1.2 ...)
-	TODO: check
+	NOT-FOR-US: Open Source Security Information Management
 CVE-2009-3440 (Cross-site scripting (XSS) vulnerability in Open Source Security ...)
-	TODO: check
+	NOT-FOR-US: Open Source Security Information Management
 CVE-2009-3439 (Multiple SQL injection vulnerabilities in Open Source Security ...)
-	TODO: check
+	NOT-FOR-US: Open Source Security Information Management
 CVE-2009-3438 (SQL injection vulnerability in the JoomlaFacebook (com_facebook) ...)
-	TODO: check
+	NOT-FOR-US: com_facebook component for Joomla!
 CVE-2009-3437 (Cross-site scripting (XSS) vulnerability in the live preview feature ...)
-	TODO: check
+	NOT-FOR-US: Markdown Preview module for Drupal
 CVE-2009-3436 (Multiple SQL injection vulnerabilities in forum.asp in MaxWebPortal ...)
-	TODO: check
+	NOT-FOR-US: MaxWebPortal
 CVE-2009-3435 (Cross-site scripting (XSS) vulnerability in the variable editor in the ...)
-	TODO: check
+	NOT-FOR-US: Devel module for Drupal
 CVE-2009-3434 (SQL injection vulnerability in the Tupinambis (com_tupinambis) ...)
-	TODO: check
+	NOT-FOR-US: com_tupinambis for Mambo and Joomla!
 CVE-2009-3433 (Unspecified vulnerability in clsetup in the configuration utility in ...)
-	TODO: check
+	NOT-FOR-US: Sun Solaris Cluster
 CVE-2009-3432 (Unspecified vulnerability in xscreensaver in Sun Solaris 10, and ...)
-	TODO: check
+	NOT-FOR-US: Sun OpenSolaris xscreensaver
 CVE-2009-3431 (Stack consumption vulnerability in Adobe Acrobat 9.1.1 allows remote ...)
 	NOT-FOR-US: Adobe Acrobat
 CVE-2009-3430 (SQL injection vulnerability in login.php in Allomani Mobile 2.5 allows ...)
@@ -345,7 +345,8 @@
 CVE-2009-3281
 	RESERVED
 CVE-2009-3280 (Integer signedness error in the find_ie function in ...)
-	TODO: check
+	- linux-2.6 <unfixed> (medium)
+	- linux-2.6.24 <removed>
 CVE-2009-3279 (The QNAP TS-239 Pro and TS-639 Pro with firmware 2.1.7 0613, 3.1.0 ...)
 	NOT-FOR-US: QNAP TS-239 Pro and TS-639
 CVE-2009-3278 (The QNAP TS-239 Pro and TS-639 Pro with firmware 2.1.7 0613, 3.1.0 ...)

More information about the Secure-testing-commits mailing list