[Secure-testing-commits] r15189 - data/CVE

Moritz Muehlenhoff jmm-guest at alioth.debian.org
Mon Aug 23 13:54:39 UTC 2010 

Author: jmm-guest
Date: 2010-08-23 13:54:38 +0000 (Mon, 23 Aug 2010)
New Revision: 15189

Modified:
   data/CVE/list
Log:
- lxr and lxr-cvs has been removed
- new OO.org issue


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-08-23 13:06:59 UTC (rev 15188)
+++ data/CVE/list	2010-08-23 13:54:38 UTC (rev 15189)
@@ -275,10 +275,12 @@
 CVE-2010-2937 [vlc input validation issue]
 	RESERVED
 	- vlc 1.1.3-1
-CVE-2010-2936
+CVE-2010-2936 [buffer overflow in impress]
 	RESERVED
-CVE-2010-2935
+	- openoffice.org 1:3.2.1-6
+CVE-2010-2935 [buffer overflow in impress]
 	RESERVED
+	- openoffice.org 1:3.2.1-6
 CVE-2010-2934 (Multiple unspecified vulnerabilities in ZNC 0.092 allow remote ...)
 	TODO: check
 CVE-2010-2933 (SQL injection vulnerability in AV Scripts AV Arcade 3 allows remote ...)
@@ -3375,8 +3377,8 @@
 	NOT-FOR-US: com_newsfeeds component for joomla!
 CVE-2010-1738 (Cross-site scripting (XSS) vulnerability in lib/LXR/Common.pm in LXR ...)
 	{DSA-2092-1}
-	- lxr <unfixed> (low; bug #585411)
-	- lxr-cvs 0.9.5+cvs20071020-1+lenny1 (low; bug #585412)
+	- lxr <removed> (low; bug #585411)
+	- lxr-cvs <removed> (low; bug #585412)
 	NOTE: likely to be rejected as a dupe of CVE-2010-1448
 CVE-2010-1737 (PHP remote file inclusion vulnerability in ...)
 	NOT-FOR-US: Gallo
@@ -3666,7 +3668,7 @@
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=553648
 CVE-2010-1625 (Cross-site scripting (XSS) vulnerability in LXR Cross Referencer ...)
 	{DSA-2092-1}
-	- lxr <unfixed> (low; bug #588138)
+	- lxr <removed> (low; bug #588138)
 	- lxr-cvs 0.9.5+cvs20071020-1.1 (low; bug #588137)
 CVE-2010-1624 (The msn_emoticon_msg function in slp.c in the MSN protocol plugin in ...)
 	- pidgin 2.7.0-1 (low)
@@ -4237,9 +4239,8 @@
 	[lenny] - python2.4 <no-dsa> (Minor issue)
 CVE-2010-1448 (Cross-site scripting (XSS) vulnerability in lib/LXR/Common.pm in LXR ...)
 	{DSA-2092-1}
-	- lxr <unfixed> (low; bug #585411)
+	- lxr <removed> (low; bug #585411)
 	- lxr-cvs 0.9.5+cvs20071020-1.1 (low; bug #588036)
-	TODO: prod maintainer (and find out why we have lxr and lxr-cvs)
 	NOTE: seems to be a dupe of CVE-2010-1738
 CVE-2010-1447 (The Safe (aka Safe.pm) module 2.26, and certain earlier versions, for ...)
 	{DSA-2051-1}

More information about the Secure-testing-commits mailing list