[Secure-testing-commits] r15207 - data/CVE

Moritz Muehlenhoff jmm-guest at alioth.debian.org
Wed Aug 25 09:22:13 UTC 2010 

Author: jmm-guest
Date: 2010-08-25 09:22:11 +0000 (Wed, 25 Aug 2010)
New Revision: 15207

Modified:
   data/CVE/list
Log:
new bugzilla issues, one should be fixed in a DSA, the rest
are harmless


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-08-25 07:52:37 UTC (rev 15206)
+++ data/CVE/list	2010-08-25 09:22:11 UTC (rev 15207)
@@ -700,10 +700,8 @@
 	- lynx-cur <unfixed> (bug #594300)
 	[lenny] - lynx-cur <no-dsa> (Minor issue)
 	NOTE: exploit scenario really obscure
-	TODO: File bug
 CVE-2010-2809 (The default configuration of the &lt;Button2&gt; binding in Uzbl before ...)
 	- uzbl <unfixed> (bug #594301)
-	TODO: File bug
 CVE-2010-2808 (Buffer overflow in the Mac_Read_POST_Resource function in ...)
 	- freetype 2.4.2-1
 CVE-2010-2807 (FreeType before 2.4.2 uses incorrect integer data types during bounds ...)
@@ -869,13 +867,13 @@
 CVE-2010-2760
 	RESERVED
 CVE-2010-2759 (Bugzilla 2.23.1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through ...)
-	TODO: check
+	- bugzilla <unfixed> (medium)
 CVE-2010-2758 (Bugzilla 2.17.1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through ...)
-	TODO: check
+	- bugzilla <unfixed> (low)
 CVE-2010-2757 (The sudo feature in Bugzilla 2.22rc1 through 3.2.7, 3.3.1 through ...)
-	TODO: check
+	- bugzilla <unfixed> (low)
 CVE-2010-2756 (Search.pm in Bugzilla 2.19.1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 ...)
-	TODO: check
+	- bugzilla <unfixed> (low)
 CVE-2010-2755 (layout/generic/nsObjectFrame.cpp in Mozilla Firefox 3.6.7 does not ...)
 	- xulrunner <not-affected> (Only exploitable in Firefox 3.6.x and above)
 CVE-2010-2754 (dom/base/nsJSEnvironment.cpp in Mozilla Firefox 3.5.x before 3.5.11 ...)
@@ -4037,7 +4035,7 @@
 	TODO: check
 CVE-2010-1526
 	RESERVED
-	- libgdiplus <unfixed> (low; bug #594155)
+	- libgdiplus 2.6.7-2 (low; bug #594155)
 CVE-2010-1525 (Integer underflow in the SpreadSheet Lotus 123 reader (wkssr.dll) in ...)
 	TODO: check
 CVE-2010-1524 (The SpreadSheet Lotus 123 reader (wkssr.dll) in Autonomy KeyView 10.4 ...)

More information about the Secure-testing-commits mailing list