[Secure-testing-commits] r15126 - data/CVE
Moritz Muehlenhoff
jmm-guest at alioth.debian.org
Wed Aug 4 01:07:43 UTC 2010
Author: jmm-guest
Date: 2010-08-04 01:07:39 +0000 (Wed, 04 Aug 2010)
New Revision: 15126
Modified:
data/CVE/list
Log:
- openttd fixed
- tomcat6 in lenny not affected by any of the open issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-08-03 21:15:31 UTC (rev 15125)
+++ data/CVE/list 2010-08-04 01:07:39 UTC (rev 15126)
@@ -306,10 +306,10 @@
RESERVED
CVE-2010-2801 [Integer wrap-around (crash) by processing certain *.cab files in test archive mode]
RESERVED
- - cabextract <unfixed> (bug filed)
+ - cabextract <unfixed> (bug #591552)
CVE-2010-2800 [Infinite loop in MS-ZIP and Quantum decoders]
RESERVED
- - cabextract <unfixed> (bug filed; unimportant)
+ - cabextract <unfixed> (bug #591552; unimportant)
CVE-2010-2799 [socat buffer overflow]
RESERVED
- socat 1.7.1.3-1 (bug #591443; medium)
@@ -993,7 +993,7 @@
CVE-2010-2535
RESERVED
CVE-2010-2534 (The NetworkSyncCommandQueue function in network/network_command.cpp in ...)
- - openttd <unfixed>
+ - openttd 1.0.3-1
[lenny] - openttd <not-affected> (Introduced in 1.0.1)
NOTE: http://bugs.openttd.org/task/3909
CVE-2010-2533
@@ -1792,6 +1792,7 @@
CVE-2010-2227 (Apache Tomcat 5.5.0 through 5.5.29, 6.0.0 through 6.0.27, and 7.0.0 ...)
- tomcat5.5 <removed>
- tomcat6 6.0.28-1 (bug #588813)
+ [lenny] - tomcat6 <not-affected> (Only ships the servlet package)
CVE-2010-2226 [xfs SWAPEXT ioctl permissions bypass]
RESERVED
- linux-2.6 2.6.32-19
@@ -13424,6 +13425,7 @@
- linux-2.6.24 <removed> (low)
CVE-2009-2902 (Directory traversal vulnerability in Apache Tomcat 5.5.0 through ...)
- tomcat6 6.0.24-1 (low)
+ [lenny] - tomcat6 <not-affected> (Only ships the servlet package)
- tomcat5.5 <removed>
CVE-2009-2901 (The autodeployment process in Apache Tomcat 5.5.0 through 5.5.28 and ...)
- tomcat6 <not-affected> (Windows-only)
@@ -20520,6 +20522,7 @@
CVE-2009-0783 (Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 ...)
- tomcat5.5 <unfixed> (low; bug #532366)
- tomcat6 6.0.20-1 (low; bug #532362)
+ [lenny] - tomcat6 <not-affected> (Only ships the servlet package)
- tomcat5 <removed> (low; bug #532363)
CVE-2009-0782
REJECTED
@@ -21616,6 +21619,7 @@
- openjdk-6 <undetermined>
CVE-2009-0580 (Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 ...)
- tomcat6 6.0.20-1 (low; bug #532362)
+ [lenny] - tomcat6 <not-affected> (Only ships the servlet package)
- tomcat5 <removed> (low; bug #532363)
- tomcat5.5 <unfixed> (low; bug #532366)
CVE-2009-0579 (Linux-PAM before 1.0.4 does not enforce the minimum password age ...)
@@ -24211,7 +24215,8 @@
- sudo 1.6.9p17-2 (medium)
[etch] - sudo <not-affected> (Vulnerable code not present)
CVE-2009-0033 (Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 ...)
- - tomcat6 6.0.20-1 (medium; bug #532362)
+ - tomcat6 6.20-1
+ [lenny] - tomcat6 <not-affected> (Only ships the servlet package)
- tomcat5 <removed> (medium; bug #532363)
- tomcat5.5 <unfixed> (medium; bug #532366)
CVE-2009-0032 (CUPS on Mandriva Linux 2008.0, 2008.1, 2009.0, Corporate Server (CS) ...)
@@ -24454,8 +24459,7 @@
- tomcat5 <removed> (bug #532363)
- tomcat5.5 <unfixed> (bug #532366)
- tomcat6 6.0.20-1 (bug #532362)
- NOTE: http://tomcat.apache.org/security-6.html
- NOTE: http://tomcat.apache.org/security-5.html
+ [lenny] - tomcat6 <not-affected> (Only ships the servlet package)
CVE-2008-5514 (Off-by-one error in the rfc822_output_char function in the ...)
{DTSA-174-2}
- uw-imap 2007b~dfsg-1.1 (medium; bug #510918)
More information about the Secure-testing-commits
mailing list