[Secure-testing-commits] r15197 - data/CVE

Moritz Muehlenhoff jmm-guest at alioth.debian.org
Tue Aug 24 15:02:46 UTC 2010


Author: jmm-guest
Date: 2010-08-24 15:02:43 +0000 (Tue, 24 Aug 2010)
New Revision: 15197

Modified:
   data/CVE/list
Log:
lynx CVEfied, fix srcpkg name


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-08-24 14:31:45 UTC (rev 15196)
+++ data/CVE/list	2010-08-24 15:02:43 UTC (rev 15197)
@@ -176,11 +176,11 @@
 CVE-2010-3022 (Cross-site scripting (XSS) vulnerability in the Performance logging ...)
 	TODO: check
 CVE-2010-3021 (Unspecified vulnerability in Opera before 10.61 allows remote ...)
-	TODO: check
+	NOT-FOR-US: Opera
 CVE-2010-3020 (The news-feed preview feature in Opera before 10.61 does not properly ...)
-	TODO: check
+	NOT-FOR-US: Opera
 CVE-2010-3019 (Heap-based buffer overflow in Opera before 10.61 allows remote ...)
-	TODO: check
+	NOT-FOR-US: Opera
 CVE-2010-3018
 	RESERVED
 CVE-2010-3017
@@ -270,11 +270,6 @@
 CVE-2010-3014 (The Coda filesystem kernel module, as used in NetBSD and FreeBSD, when ...)
 	- kfreebsd-7 <undetermined>
 	- kfreebsd-8 8.1-5
-CVE-2010-XXXX [lynx heap overflow]
-	- lynx <unfixed>
-	[lenny] - lynx <no-dsa> (Minor issue)
-	NOTE: exploit scenario really obscure
-	NOTE: https://bugs.launchpad.net/ubuntu/+source/lynx-cur/+bug/613254
 CVE-2010-3015 (Integer overflow in the ext4_ext_get_blocks function in ...)
 	{DSA-2094-1}
 	- linux-2.6 <unfixed>
@@ -545,9 +540,9 @@
 CVE-2010-2863
 	RESERVED
 CVE-2010-2862 (Integer overflow in CoolType.dll in Adobe Reader 8.2.3 and 9.3.3, and ...)
-	TODO: check
+	NOT-FOR-US: Adobe Reader
 CVE-2010-2861 (Multiple directory traversal vulnerabilities in the administrator ...)
-	TODO: check
+	NOT-FOR-US: Adobe ColdFusion
 CVE-2010-2860 (The EMC Celerra Network Attached Storage (NAS) appliance accepts ...)
 	NOT-FOR-US: EMC
 CVE-2009-4974 (Directory traversal vulnerability in box_display.php in TotalCalendar ...)
@@ -653,33 +648,33 @@
 CVE-2010-2828
 	RESERVED
 CVE-2010-2827 (Cisco IOS 15.1(2)T allows remote attackers to cause a denial of ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2010-2826 (SQL injection vulnerability in Cisco Wireless Control System (WCS) ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2010-2825 (Unspecified vulnerability in the SIP inspection feature on the Cisco ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2010-2824 (Unspecified vulnerability on the Cisco Application Control Engine ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2010-2823 (Unspecified vulnerability in the deep packet inspection feature on the ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2010-2822 (Unspecified vulnerability in the RTSP inspection feature on the Cisco ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2010-2821 (Unspecified vulnerability on the Cisco Firewall Services Module (FWSM) ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2010-2820 (Unspecified vulnerability in the SunRPC inspection feature on the ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2010-2819 (Unspecified vulnerability in the SunRPC inspection feature on the ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2010-2818 (Unspecified vulnerability in the SunRPC inspection feature on the ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2010-2817 (Unspecified vulnerability in the IKE implementation on Cisco Adaptive ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2010-2816 (Unspecified vulnerability in the SIP inspection feature on Cisco ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2010-2815 (Unspecified vulnerability in the Transport Layer Security (TLS) ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2010-2814 (Unspecified vulnerability in the Transport Layer Security (TLS) ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2010-2813 (functions/imap_general.php in SquirrelMail before 1.4.21 does not ...)
 	{DSA-2091-1}
 	- squirrelmail 2:1.4.21-1 (low)
@@ -689,7 +684,10 @@
 CVE-2010-2811
 	RESERVED
 CVE-2010-2810 (Heap-based buffer overflow in the convert_to_idna function in ...)
-	TODO: check
+	- lynx-cur <unfixed>
+	[lenny] - lynx-cur <no-dsa> (Minor issue)
+	NOTE: exploit scenario really obscure
+	TODO: File bug
 CVE-2010-2809 (The default configuration of the &lt;Button2&gt; binding in Uzbl before ...)
 	- uzbl <unfixed> 
 	TODO: File bug




More information about the Secure-testing-commits mailing list