[Secure-testing-commits] r14566 - data/CVE

Moritz Muehlenhoff jmm-guest at alioth.debian.org
Wed Apr 28 19:48:23 UTC 2010 

Author: jmm-guest
Date: 2010-04-28 19:48:23 +0000 (Wed, 28 Apr 2010)
New Revision: 14566

Modified:
   data/CVE/list
Log:
- maintainer provided an spu upload for iscsitarget
- one kde4libs issue not affected
- record one more qt4 fix


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-04-28 02:27:26 UTC (rev 14565)
+++ data/CVE/list	2010-04-28 19:48:23 UTC (rev 14566)
@@ -770,7 +770,6 @@
 	- moodle <not-affected> (Vulnerable code not present)
 	- phpmyadmin <not-affected> (Vulnerable code not present)
 	- tcpdf <itp> (bug #495985)
-	TODO: check
 	NOTE: http://sourceforge.net/projects/tcpdf/files/CHANGELOG.TXT/view
 	NOTE: http://seclists.org/fulldisclosure/2010/Apr/104
 	NOTE: setting K_TCPDF_CALLS_IN_HTML to false mitigates the problem
@@ -2295,6 +2294,7 @@
 	NOTE: http://www.juniper.net/security/auto/vulnerabilities/vuln35507.html
 CVE-2010-0743 (Multiple format string vulnerabilities in isns.c in (1) Linux SCSI ...)
 	- iscsitarget 1:1.0.3-2 (medium; bug #574935)
+	TODO: next point update: [lenny] - iscsitarget 0.4.16+svn162-3.1
 	- tgt 1:1.0.3-2 (medium; bug #576086) 
 CVE-2010-0742
 	RESERVED
@@ -13241,7 +13241,7 @@
 	- webkit 1.1.12-1 (medium; bug #535793)
 	NOTE: http://trac.webkit.org/changeset/36918
 	- kdelibs <not-affected>
-	- kde4libs <undetermined>
+	- kde4libs <not-affected>
 	- qt4-x11 4:4.5.2-1
 	[etch] - qt4-x11 <not-affected> (QTWebkit was introduced in 4.4)
 CVE-2009-1710 (WebKit in Apple Safari before 4.0 allows remote attackers to spoof the ...)
@@ -13356,7 +13356,8 @@
 	- webkit 1.1.12-1 (medium; bug #535793)
 	- kdelibs <not-affected>
 	- kde4libs <not-affected>
-	- qt4-x11 <unfixed>
+	- qt4-x11 4:4.6.2-4
+	NOTE: QT4 might be fixed earlier, but only 4.6.2 was checked against
 	[lenny] - qt4-x11 <no-dsa> (Minor impact, no apps in Lenny which use qtwebkit )
 	NOTE: http://trac.webkit.org/changeset/35928
 CVE-2009-1692 (WebKit before r41741, as used in Apple iPhone OS 1.0 through 2.2.1, ...)

More information about the Secure-testing-commits mailing list