[Secure-testing-commits] r15212 - data/CVE

Joey Hess joeyh at alioth.debian.org
Wed Aug 25 21:14:49 UTC 2010


Author: joeyh
Date: 2010-08-25 21:14:46 +0000 (Wed, 25 Aug 2010)
New Revision: 15212

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-08-25 20:08:59 UTC (rev 15211)
+++ data/CVE/list	2010-08-25 21:14:46 UTC (rev 15212)
@@ -1,8 +1,32 @@
+CVE-2010-3120 (Google Chrome before 5.0.375.127 does not properly implement the ...)
+	TODO: check
+CVE-2010-3119 (Google Chrome before 5.0.375.127 does not properly support the Ruby ...)
+	TODO: check
+CVE-2010-3118 (The autosuggest feature in the Omnibox implementation in Google Chrome ...)
+	TODO: check
+CVE-2010-3117 (Google Chrome before 5.0.375.127 does not properly implement the ...)
+	TODO: check
+CVE-2010-3116 (Google Chrome before 5.0.375.127 does not properly process MIME types, ...)
+	TODO: check
+CVE-2010-3115 (Google Chrome before 5.0.375.127 does not properly implement the ...)
+	TODO: check
+CVE-2010-3114 (The text-editing implementation in Google Chrome before 5.0.375.127 ...)
+	TODO: check
+CVE-2010-3113 (Google Chrome before 5.0.375.127 does not properly handle SVG ...)
+	TODO: check
+CVE-2010-3112 (Google Chrome before 5.0.375.127 does not properly implement file ...)
+	TODO: check
+CVE-2010-3111 (Google Chrome before 5.0.375.127 does not properly mitigate an ...)
+	TODO: check
+CVE-2010-3110
+	RESERVED
 CVE-2010-XXXX [CouchDB insecure library loading]
 	- couchdb <unfixed> (low; bug #594412)
 CVE-2010-2948 [quagga: buffer overflow in route refresh processing]
+	RESERVED
 	- quagga <unfixed> (bug #594262)
 CVE-2010-2949 [quagga: crash while processing AS paths in BGP updates]
+	RESERVED
 	- quagga <unfixed> (bug #594262)
 CVE-2010-3109 (Stack-based buffer overflow in the browser plugin in Novell iPrint ...)
 	NOT-FOR-US: browser plugin in Novell iPrint Client
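Review bot: The ten Google Chrome entries added at the top of this hunk (CVE-2010-3111 through CVE-2010-3120) all arrive as TODO: check and all cite the same boundary, "before 5.0.375.127", so they are best triaged in one pass against a single package version rather than one at a time. Separately, the RESERVED lines added under CVE-2010-2948 and CVE-2010-2949 leave the existing "- quagga <unfixed> (bug #594262)" lines in place, but neither entry has an urgency yet; the bracketed titles describe a buffer overflow in route refresh processing and a crash on AS paths in BGP updates, so an urgency should be set on both.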
@@ -120,12 +144,10 @@
 	- freetype 2.4.2-1 (unimportant)
 CVE-2010-3053 (bdf/bdflib.c in FreeType before 2.4.2 allows remote attackers to cause ...)
 	- freetype 2.4.2-1
-CVE-2010-3056 [phpmyadmin PMASA-2010-5 Several XSS vulnerabilities were found in the code.]
-	RESERVED
+CVE-2010-3056 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin ...)
 	- phpmyadmin 4:3.3.5.1-1
 	NOTE: http://www.phpmyadmin.net/home_page/security/PMASA-2010-5.php
-CVE-2010-3055 [phpmyadmin PMASA-2010-4 Insufficient output sanitizing when generating configuration file.]
-	RESERVED
+CVE-2010-3055 (The configuration setup script (aka scripts/setup.php) in phpMyAdmin ...)
 	- phpmyadmin <not-affected> (Affects only 2.x branch)
 	[lenny] - phpmyadmin <unfixed>
 	NOTE: http://www.phpmyadmin.net/home_page/security/PMASA-2010-4.php
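Review bot: For CVE-2010-3055 the "[lenny] - phpmyadmin <unfixed>" line carries no urgency and no bug number, although the description now attached points at the configuration setup script (scripts/setup.php) and the unstable line says only the 2.x branch is affected. Add a bug reference or an urgency annotation for lenny so the open status is tracked. Dropping the bracketed PMASA-2010-5 and PMASA-2010-4 titles loses nothing, since both advisories remain in the NOTE lines.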
@@ -348,8 +370,7 @@
 	RESERVED
 CVE-2010-2950
 	RESERVED
-CVE-2010-2947
-	RESERVED
+CVE-2010-2947 (Heap-based buffer overflow in the HX_split function in string.c in ...)
 	- libhx <unfixed> (low; bug #594393)
 CVE-2010-2946 [jfs issue]
 	RESERVED
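Review bot: CVE-2010-2947 keeps its "(low; bug #594393)" rating on the libhx line, but that rating was assigned while the entry was still RESERVED; the description now attached calls it a heap-based buffer overflow in the HX_split function in string.c. Re-confirm that "low" still holds against the published description, and record the reasoning in a NOTE line.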
@@ -697,8 +718,8 @@
 	[lenny] - squirrelmail <no-dsa> (low-risk issue)
 CVE-2010-2812 (Client.cpp in ZNC 0.092 allows remote attackers to cause a denial of ...)
 	TODO: check
-CVE-2010-2811
-	RESERVED
+CVE-2010-2811 (Virtual Desktop Server Manager (VDSM) in Red Hat Enterprise ...)
+	TODO: check
 CVE-2010-2810 (Heap-based buffer overflow in the convert_to_idna function in ...)
 	- lynx-cur <unfixed> (bug #594300)
 	[lenny] - lynx-cur <no-dsa> (Minor issue)
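Review bot: CVE-2010-2811 moves from RESERVED to TODO: check with a description naming Virtual Desktop Server Manager (VDSM) in Red Hat Enterprise ...; if no Debian source package ships VDSM, this should be closed as NOT-FOR-US rather than left open. The neighbouring CVE-2010-2812 (Client.cpp in ZNC 0.092) is also still TODO: check and can be resolved in the same pass.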
@@ -770,8 +791,8 @@
 CVE-2010-2785 (The IRC Protocol component in KVIrc 3.x and 4.x before r4693 does not ...)
 	{DSA-2078-1}
 	- kvirc 4:4.0.0-3
-CVE-2010-2784
-	RESERVED
+CVE-2010-2784 (The subpage MMIO initialization functionality in the subpage_register ...)
+	TODO: check
 CVE-2010-2783
 	RESERVED
 	- openjdk-6 6b18-1.8.1-1
@@ -4041,8 +4062,7 @@
 	NOT-FOR-US: Uiga Proxy
 CVE-2010-1527 (Stack-based buffer overflow in Novell iPrint Client before 5.44 allows ...)
 	TODO: check
-CVE-2010-1526
-	RESERVED
+CVE-2010-1526 (Multiple integer overflows in libgdiplus 2.6.7, as used in Mono, allow ...)
 	- libgdiplus 2.6.7-2 (low; bug #594155)
 CVE-2010-1525 (Integer underflow in the SpreadSheet Lotus 123 reader (wkssr.dll) in ...)
 	TODO: check
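Review bot: The description now attached to CVE-2010-1526 names libgdiplus 2.6.7 as affected, while the package line marks 2.6.7-2 as fixed, so the fix lives in a Debian revision of the same upstream version. A NOTE line pointing at the patch or at the resolution of bug #594155 would make that verifiable from the list itself.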
@@ -7383,8 +7403,8 @@
 	- kdebase-workspace 4:4.4.3-1
 	NOTE: The binary package kdm was built from kdebase in Lenny and from kdebase-workspace
 	NOTE: in KDE 4.x, i.e. Squeeze onwards
-CVE-2010-0435
-	RESERVED
+CVE-2010-0435 (The Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise ...)
+	TODO: check
 CVE-2010-0434 (The ap_read_request function in server/protocol.c in the Apache HTTP ...)
 	{DSA-2035-1}
 	- apache2 2.2.15-1
@@ -7393,14 +7413,14 @@
 	NOTE: http://www.openwall.com/lists/oss-security/2010/03/03/5
 CVE-2010-0432 (Multiple cross-site scripting (XSS) vulnerabilities in the Apache Open ...)
 	NOT-FOR-US: Apache Open For Business Project (OFBiz)
-CVE-2010-0431
-	RESERVED
+CVE-2010-0431 (QEMU-KVM, as used in the Hypervisor (aka rhev-hypervisor) in Red Hat ...)
+	TODO: check
 CVE-2010-0430
 	RESERVED
-CVE-2010-0429
-	RESERVED
-CVE-2010-0428
-	RESERVED
+CVE-2010-0429 (libspice, as used in QEMU-KVM in the Hypervisor (aka rhev-hypervisor) ...)
+	TODO: check
+CVE-2010-0428 (libspice, as used in QEMU-KVM in the Hypervisor (aka rhev-hypervisor) ...)
+	TODO: check
 CVE-2010-0427 (sudo 1.6.x before 1.6.9p21, when the runas_default option is used, ...)
 	{DSA-2006-1}
 	- sudo 1.7.0-1
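Review bot: CVE-2010-0431, CVE-2010-0429 and CVE-2010-0428 are described in terms of the Red Hat Hypervisor (aka rhev-hypervisor), but the components named are QEMU-KVM and libspice "as used in" that product; triage of these TODO: check entries should look at the components themselves before treating them as product-only issues. CVE-2010-0430 stays RESERVED between them and needs no action yet.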



