[Secure-testing-commits] r15222 - in data: . CVE

Moritz Muehlenhoff jmm-guest at alioth.debian.org
Fri Aug 27 19:59:42 UTC 2010 

Author: jmm-guest
Date: 2010-08-27 19:59:40 +0000 (Fri, 27 Aug 2010)
New Revision: 15222

Modified:
   data/CVE/list
   data/next-point-update.txt
Log:
- couchdb CVEfied
- openssl fixed
- zope-ldapuserfolder has been removed
- slim no-dsa, will be fixed through point update


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-08-27 17:44:26 UTC (rev 15221)
+++ data/CVE/list	2010-08-27 19:59:40 UTC (rev 15222)
@@ -49,8 +49,6 @@
 	- webkit <not-affected> (chromium specific)
 CVE-2010-3110
 	RESERVED
-CVE-2010-XXXX [CouchDB insecure library loading]
-	- couchdb <unfixed> (low; bug #594412)
 CVE-2010-2948 [quagga: buffer overflow in route refresh processing]
 	RESERVED
 	- quagga 0.99.17-1 (bug #594262)
@@ -391,8 +389,9 @@
 	RESERVED
 CVE-2010-2954
 	RESERVED
-CVE-2010-2953
+CVE-2010-2953 [CouchDB insecure library loading]
 	RESERVED
+	- couchdb <unfixed> (low; bug #594412)
 CVE-2010-2952
 	RESERVED
 CVE-2010-2951
@@ -406,10 +405,11 @@
 	- linux-2.6 2.6.32-21
 CVE-2010-2945
 	RESERVED
-	- slim 1.3.1-7 (bug #594414)
+	- slim 1.3.1-7 (low; bug #594414)
+	[lenny] - slim <no-dsa> (Maintainer will fix through stable point update)
 CVE-2010-2944 (The authenticate function in LDAPUserFolder/LDAPUserFolder.py in ...)
 	{DSA-2096-1}
-	- zope-ldapuserfolder <unfixed> (high; bug #593466)
+	- zope-ldapuserfolder <removed> (high; bug #593466)
 CVE-2010-2943 [xfs infoleak]
 	RESERVED
 	- linux-2.6 <unfixed>
@@ -422,7 +422,7 @@
 	RESERVED
 	- sssd 1.2.1-4 (bug #594413)
 CVE-2010-2939 (Double free vulnerability in the ssl3_get_key_exchange function in the ...)
-	- openssl <unfixed> (low; bug #594415)
+	- openssl 0.9.8o-2 (low; bug #594415)
 CVE-2010-2938
 	RESERVED
 CVE-2010-2937 (The ReadMetaFromId3v2 function in taglib.cpp in the TagLib plugin in ...)

Modified: data/next-point-update.txt
===================================================================
--- data/next-point-update.txt	2010-08-27 17:44:26 UTC (rev 15221)
+++ data/next-point-update.txt	2010-08-27 19:59:40 UTC (rev 15222)
@@ -12,3 +12,5 @@
         [lenny] - libpoe-component-irc-perl 5.84+dfsg-1+lenny1
 CVE-2010-2575
 	[lenny] - okular 0.7-2+lenny1
+CVE-2010-2945
+	[lenny] - slim 1.3.0-1+lenny3
\ No newline at end of file

More information about the Secure-testing-commits mailing list