[Secure-testing-commits] r15667 - data/CVE

Moritz Muehlenhoff jmm-guest at alioth.debian.org
Wed Dec 8 21:04:00 UTC 2010 

Author: jmm-guest
Date: 2010-12-08 21:03:48 +0000 (Wed, 08 Dec 2010)
New Revision: 15667

Modified:
   data/CVE/list
Log:
- libapache2-mod-fcgid, libio-socket-ssl-perl, pybliographer, snappea, gnumed-client fixed
- bugs filed for cakephp, tomcat6


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-12-08 19:51:40 UTC (rev 15666)
+++ data/CVE/list	2010-12-08 21:03:48 UTC (rev 15667)
@@ -150,10 +150,10 @@
 	- openssl 0.9.8k-1
 CVE-2010-4334 [IO::Socket::SSL verify peer mode ignored if no cert supplied]
 	RESERVED
-	- libio-socket-ssl-perl <unfixed> (bug #606058)
+	- libio-socket-ssl-perl 1.35-1 (bug #606058)
 CVE-2010-4335 [cakephp controller/component/security.php unsafe unserialize]
 	RESERVED
-	- cakephp <unfixed>
+	- cakephp <unfixed> (bug #606386)
 	NOTE: https://github.com/cakephp/cakephp/commit/e431e86aa4301ced4273dc7919b59362cbb353cb
 CVE-2010-4336 [collectd: DoS in RRDtool and RRDCacheD plugins]
 	RESERVED
@@ -411,7 +411,7 @@
 CVE-2010-XXXX [python path]
 	- opendnssec 1.1.3-2 (low; bug #605161)
 CVE-2010-XXXX [python path]
-	- pybliographer <unfixed> (low; bug #605153)
+	- pybliographer 1.2.14-3 (low; bug #605153)
 CVE-2010-XXXX [python path]
 	- calendarserver <unfixed> (low; bug #605157)
 	[lenny] - calendarserver <no-dsa> (Minor issue)
@@ -419,7 +419,7 @@
 	- gquilt 0.22-1.1 (low; bug #605152)
 	[lenny] - gquilt <no-dsa> (Minor issue)
 CVE-2010-XXXX [python path]
-	- snappea <unfixed> (low; bug #605151)
+	- snappea 3.0d3-20 (low; bug #605151)
 	[lenny] - snappea <no-dsa> (Minor issue)
 CVE-2010-XXXX [python path]
 	- dlr-languages 20090805+git.e6b28d27+dfsg-3 (low; bug #605158)
@@ -428,7 +428,8 @@
 	- gnome-schedule <unfixed> (low; bug #605169)
 	[lenny] - gnome-schedule <no-dsa> (Minor issue)
 CVE-2010-XXXX [python path]
-	- gnumed-client <unfixed> (low; bug #605159)
+	- gnumed-client 0.8.5-1 (low; bug #605159)
+	[squeeze] - gnumed-client 0.7.10-1
 	[lenny] - gnumed-client <no-dsa> (Minor issue)
 CVE-2010-XXXX [python path]
 	- distcc 3.1-3.2 (low; bug #605168)
@@ -745,8 +746,7 @@
 CVE-2010-4173 (The default configuration of libsdp.conf in libsdp 1.1.104 and earlier ...)
 	- libsdp 1.1.99-2.1 (bug #603841)
 CVE-2010-4172 (Multiple cross-site scripting (XSS) vulnerabilities in the Manager ...)
-	- tomcat6 <unfixed>
-	TODO: check
+	- tomcat6 <unfixed> (bug #606388)
 CVE-2010-4171
 	RESERVED
 	- systemtap 1.2-3 (bug #603946)
@@ -1456,8 +1456,7 @@
 	{DSA-2126-1}
 	- linux-2.6 2.6.32-28 (low)
 CVE-2010-3872 (The apr_status_t fcgid_header_bucket_read function in fcgid_bucket.c ...)
-	- libapache2-mod-fcgid <unfixed> (bug #605484)
-	TODO: check
+	- libapache2-mod-fcgid 1:2.3.6-1 (bug #605484)
 CVE-2010-3871 (Cross-site scripting (XSS) vulnerability in ...)
 	- mahara <not-affected> (Vulnerable feature introduced in 1.3)
 CVE-2010-3870 (The utf8_decode function in PHP before 5.3.4 does not properly handle ...)

More information about the Secure-testing-commits mailing list