[Secure-testing-commits] r15155 - data/CVE
Michael Gilbert
gilbert-guest at alioth.debian.org
Tue Aug 17 01:18:11 UTC 2010
Author: gilbert-guest
Date: 2010-08-17 01:18:10 +0000 (Tue, 17 Aug 2010)
New Revision: 15155
Modified:
data/CVE/list
Log:
ruby fixed; new kernel issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-08-16 15:16:45 UTC (rev 15154)
+++ data/CVE/list 2010-08-17 01:18:10 UTC (rev 15155)
@@ -3,6 +3,8 @@
[lenny] - lynx <no-dsa> (Minor issue)
NOTE: exploit scenario really obscure
NOTE: https://bugs.launchpad.net/ubuntu/+source/lynx-cur/+bug/613254
+CVE-2010-3015 [ext4 integer overflow]
+ - linux-2.6 <unfixed>
CVE-2010-2995 [Wireshark 1.2.10 SigComp Universal Decompressor Virtual Machine could overrun a buffer]
- wireshark 1.2.10-1
CVE-2010-2992 [Wireshark 1.2.10 GSM A RR dissector could crash]
@@ -6858,13 +6860,12 @@
CVE-2010-0542 (The _WriteProlog function in texttops.c in texttops in the Text Filter ...)
- cups 1.4.4-1
CVE-2010-0541 (Cross-site scripting (XSS) vulnerability in the WEBrick HTTP server in ...)
- - ruby1.8 <unfixed>
+ - ruby1.8 1.8.7.302-1
[lenny] - ruby1.8 <no-dsa> (Minor issue)
- - ruby1.9 <unfixed>
+ - ruby1.9 <removed>
[lenny] - ruby1.9 <no-dsa> (Minor issue)
- - ruby1.9.1 <unfixed>
+ - ruby1.9.1 <unfixed> (bug #593298)
NOTE: File bugs: https://bugzilla.redhat.com/show_bug.cgi?id=587731#c3
- TODO: File bugs, no-dsa for Lenny
CVE-2010-0540 (Cross-site request forgery (CSRF) vulnerability in the web interface ...)
- cups 1.4.4-1
CVE-2010-0539 (Integer signedness error in the window drawing implementation in Apple ...)
More information about the Secure-testing-commits
mailing list