[Secure-testing-commits] r15666 - data/CVE
Moritz Muehlenhoff
jmm-guest at alioth.debian.org
Wed Dec 8 19:51:43 UTC 2010
Author: jmm-guest
Date: 2010-12-08 19:51:40 +0000 (Wed, 08 Dec 2010)
New Revision: 15666
Modified:
data/CVE/list
Log:
- bug filed for libcgi-pm-perl, partly fixed in sid,
needed in testing, also affects libcgi-simple-perl
- openssl fixed
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-12-08 11:24:50 UTC (rev 15665)
+++ data/CVE/list 2010-12-08 19:51:40 UTC (rev 15666)
@@ -140,16 +140,14 @@
CVE-2010-4412 (Multiple cross-site scripting (XSS) vulnerabilities in pfSense 2 beta ...)
TODO: check
CVE-2010-4411 (Unspecified vulnerability in CGI.pm 3.50 and earlier allows remote ...)
- - libcgi-pm-perl <unfixed>
- TODO: check
+ - libcgi-pm-perl <unfixed> (bug #606370)
CVE-2010-4410 (CRLF injection vulnerability in the header function in (1) CGI.pm ...)
- - libcgi-pm-perl <unfixed>
- TODO: check
+ - libcgi-pm-perl 3.50-1 (bug #606370)
+ - libcgi-simple-perl <unfixed> (bug #606379)
CVE-2010-4408 (Apache Archiva 1.0 through 1.0.3, 1.1 through 1.1.4, 1.2 through ...)
TODO: check
CVE-2008-7270 (OpenSSL before 0.9.8j, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is ...)
- - openssl <unfixed>
- TODO: check
+ - openssl 0.9.8k-1
CVE-2010-4334 [IO::Socket::SSL verify peer mode ignored if no cert supplied]
RESERVED
- libio-socket-ssl-perl <unfixed> (bug #606058)
@@ -4507,8 +4505,8 @@
- xulrunner <not-affected> (Only affects 3.6, only in experimental)
- iceweasel <not-affected> (Only affects 3.6, only in experimental)
CVE-2010-2761 (The multipart_init function in (1) CGI.pm before 3.50 and (2) ...)
- - libcgi-pm-perl <unfixed>
- NOTE: 4CF685D7.4070208 at redhat.com
+ - libcgi-pm-perl 3.50-1 (bug #606370)
+ - libcgi-simple-perl <unfixed> (bug #606379)
CVE-2010-2760 (Use-after-free vulnerability in the nsTreeSelection function in ...)
{DSA-2106-1}
- xulrunner <removed>
More information about the Secure-testing-commits
mailing list