[Secure-testing-commits] r14542 - data/CVE

Pedro Ribeiro pedrib-guest at alioth.debian.org
Wed Apr 21 20:41:29 UTC 2010 

Author: pedrib-guest
Date: 2010-04-21 20:41:29 +0000 (Wed, 21 Apr 2010)
New Revision: 14542

Modified:
   data/CVE/list
Log:
some NFUs, and updated CVE-2010-1311


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-04-21 19:55:57 UTC (rev 14541)
+++ data/CVE/list	2010-04-21 20:41:29 UTC (rev 14542)
@@ -1,19 +1,19 @@
 CVE-2010-1467 (Multiple PHP remote file inclusion vulnerabilities in openUrgence ...)
-	TODO: check
+	NOT-FOR-US: openUrgence
 CVE-2010-1466 (Directory traversal vulnerability in scr/soustab.php in openUrgence ...)
-	TODO: check
+	NOT-FOR-US: openUrgence
 CVE-2010-1465 (Stack-based buffer overflow in Trellian FTP client 3.01, including ...)
-	TODO: check
+   NOT-FOR-US: Trellian FTP
 CVE-2010-1464 (Multiple cross-site scripting (XSS) vulnerabilities in WebAsyst ...)
-	TODO: check
+	NOT-FOR-US: WebAsyst Shop-Script FREE
 CVE-2010-1463 (Multiple SQL injection vulnerabilities in WebAsyst Shop-Script FREE ...)
-	TODO: check
+	NOT-FOR-US: WebAsyst Shop-Script FREE
 CVE-2010-1462 (Directory traversal vulnerability in WebAsyst Shop-Script FREE has ...)
-	TODO: check
+	NOT-FOR-US: WebAsyst Shop-Script FREE
 CVE-2010-1461 (Directory traversal vulnerability in the Photo Battle ...)
-	TODO: check
+   NOT-FOR-US: Photo Battle Component for Joomla!
 CVE-2010-1460 (The IBM BladeCenter with Advanced Management Module (AMM) firmware ...)
-	TODO: check
+   NOT-FOR-US: IBM BladeCenter Management Module
 CVE-2010-1459
 	RESERVED
 CVE-2010-1458
@@ -332,9 +332,10 @@
 CVE-2010-1312 (Directory traversal vulnerability in the iJoomla News Portal ...)
 	NOT-FOR-US: Joomla!
 CVE-2010-1311 (The qtm_decompress function in libclamav/mspack.c in ClamAV before ...)
-	- clamav <unfixed> (bug #577462; low)
-	NOTE: there is ongoing discussion about removing from Squeeze
-	NOTE: but the Lenny version is also affected
+	- clamav 0.96+dfsg-2 (bug #577462; low)
+	[lenny] - clamav <unfixed> (bug #577462; low)
+	NOTE: Lenny version achieved end of life! see 
+	NOTE: http://www.clamav.net/lang/en/2009/10/05/eol-clamav-094/
 CVE-2010-1310 (Opera 10.50 allows remote attackers to obtain sensitive information ...)
 	NOT-FOR-US: Opera
 CVE-2010-1309 (Directory traversal vulnerability in Irmin CMS (formerly Pepsi CMS) ...)

More information about the Secure-testing-commits mailing list