[Secure-testing-commits] r14439 - in data: . CVE
Moritz Muehlenhoff
jmm-guest at alioth.debian.org
Thu Apr 8 21:32:52 UTC 2010
Author: jmm-guest
Date: 2010-04-08 21:32:50 +0000 (Thu, 08 Apr 2010)
New Revision: 14439
Modified:
data/CVE/list
data/spu-candidates.txt
Log:
- new mediawiki issue
- new udisks issue
- imp no-dsa
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-04-08 21:14:23 UTC (rev 14438)
+++ data/CVE/list 2010-04-08 21:32:50 UTC (rev 14439)
@@ -391,10 +391,13 @@
RESERVED
CVE-2010-1151
RESERVED
-CVE-2010-1150
+CVE-2010-1150 [mediawiki CRSF]
RESERVED
-CVE-2010-1149
+ - mediawiki <unfixed> (low)
+ NOTE: Maintainer is aware: http://blog.rastageeks.org/spip.php?article62
+CVE-2010-1149 [udisks information disclosure]
RESERVED
+ - udisks <unfixed> (medium; bug #576687)
CVE-2010-1148 [linux-2.6: cifs null ptr dereference]
RESERVED
- linux-2.6 <unfixed>
@@ -2400,7 +2403,8 @@
CVE-2010-0464 (Roundcube 0.3.1 and earlier does not request that the web browser ...)
- roundcube 0.3.1-3 (bug #569660)
CVE-2010-0463 (Horde IMP 4.3.6 and earlier does not request that the web browser ...)
- - imp4 <unfixed> (bug #569661)
+ - imp4 <unfixed> (low; bug #569661)
+ [lenny] - imp4 <no-dsa> (Minor issue)
CVE-2010-0462 (Heap-based buffer overflow in IBM DB2 9.7 and 9.7.1 on Linux allows ...)
NOT-FOR-US: IBM DB2
CVE-2010-0461 (SQL injection vulnerability in the casino (com_casino) component 1.0 ...)
Modified: data/spu-candidates.txt
===================================================================
--- data/spu-candidates.txt 2010-04-08 21:14:23 UTC (rev 14438)
+++ data/spu-candidates.txt 2010-04-08 21:32:50 UTC (rev 14439)
@@ -111,6 +111,11 @@
--
+imp4 (CVE-2010-0463)
+#569661
+
+--
+
libgnucrypto-java (CVE-2008-5659)
#559789
removed
More information about the Secure-testing-commits
mailing list