[Secure-testing-commits] r14517 - data/CVE

Joey Hess joeyh at alioth.debian.org
Sun Apr 18 09:14:53 UTC 2010 

Author: joeyh
Date: 2010-04-18 09:14:44 +0000 (Sun, 18 Apr 2010)
New Revision: 14517

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-04-17 22:17:17 UTC (rev 14516)
+++ data/CVE/list	2010-04-18 09:14:44 UTC (rev 14517)
@@ -175,9 +175,9 @@
 	NOTE: i find it questionable whether this is really a security issue...
 	NOTE: iceweasel behaves the same way...it's probably the page caching feature
 CVE-2010-XXXX [irssi: ssl proxy issue]
-        - irssi <undetermined>
-        NOTE: http://www.openwall.com/lists/oss-security/2010/04/17/1
-        TODO: check
+	- irssi <undetermined>
+	NOTE: http://www.openwall.com/lists/oss-security/2010/04/17/1
+	TODO: check
 CVE-2010-1564
 	REJECTED
 CVE-2010-1372 (SQL injection vulnerability in the HD FLV Player (com_hdflvplayer) ...)
@@ -1945,7 +1945,7 @@
 CVE-2010-0750 (pkexec.c in pkexec in libpolkit in PolicyKit 0.96 allows local users ...)
 	- policykit <not-affected> (pkexec introduced in 0.92)
 	[lenny] - policykit <not-affected> (pkexec introduced in 0.92)
-        TODO: check when >= 0.92 gets uploaded
+	TODO: check when >= 0.92 gets uploaded
 CVE-2010-0749
 	RESERVED
 	- transmission 1.92-1 (unimportant; bug filed)
@@ -2831,6 +2831,7 @@
 CVE-2010-0437 (The ip6_dst_lookup_tail function in net/ipv6/ip6_output.c in the Linux ...)
 	- linux-2.6 2.6.26-9
 CVE-2010-0436 (Race condition in backend/ctrl.c in KDM in KDE Software Compilation ...)
+	{DSA-2037-1}
 	- kdebase 4:4.0
 	- kdebase-workspace <unfixed>
 	NOTE: http://www.kde.org/info/security/advisory-20100413-1.txt
@@ -44337,6 +44338,7 @@
 CVE-2007-2722 (Unspecified vulnerability in NewzCrawler 1.8 allows remote attackers ...)
 	NOT-FOR-US: NewzCrawler
 CVE-2007-2721 (The jpc_qcx_getcompparms function in jpc/jpc_cs.c for the JasPer ...)
+	{DSA-2036-1}
 	- jasper 1.900.1-6 (medium; bug #413033; bug #528543)
 	NOTE: Jasper was initially fixed in 1.900.1-3, but the fix got dropped later, see #528543
 	- ghostscript 8.61.dfsg.1~svn8187-1.1 (medium; bug #447188)

More information about the Secure-testing-commits mailing list