[Secure-testing-commits] r15668 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Wed Dec 8 21:15:00 UTC 2010
Author: joeyh
Date: 2010-12-08 21:14:58 +0000 (Wed, 08 Dec 2010)
New Revision: 15668
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-12-08 21:03:48 UTC (rev 15667)
+++ data/CVE/list 2010-12-08 21:14:58 UTC (rev 15668)
@@ -1,3 +1,93 @@
+CVE-2011-0025
+ RESERVED
+CVE-2011-0024
+ RESERVED
+CVE-2011-0023
+ RESERVED
+CVE-2011-0022
+ RESERVED
+CVE-2011-0021
+ RESERVED
+CVE-2011-0020
+ RESERVED
+CVE-2011-0019
+ RESERVED
+CVE-2011-0018
+ RESERVED
+CVE-2011-0017
+ RESERVED
+CVE-2011-0016
+ RESERVED
+CVE-2011-0015
+ RESERVED
+CVE-2011-0014
+ RESERVED
+CVE-2011-0013
+ RESERVED
+CVE-2011-0012
+ RESERVED
+CVE-2011-0011
+ RESERVED
+CVE-2011-0010
+ RESERVED
+CVE-2011-0009
+ RESERVED
+CVE-2011-0008
+ RESERVED
+CVE-2011-0007
+ RESERVED
+CVE-2011-0006
+ RESERVED
+CVE-2011-0005
+ RESERVED
+CVE-2011-0004
+ RESERVED
+CVE-2011-0003
+ RESERVED
+CVE-2011-0002
+ RESERVED
+CVE-2011-0001
+ RESERVED
+CVE-2010-4499
+ RESERVED
+CVE-2010-4498
+ RESERVED
+CVE-2010-4497
+ RESERVED
+CVE-2010-4496
+ RESERVED
+CVE-2010-4495
+ RESERVED
+CVE-2010-4494 (Double free vulnerability in Google Chrome before 8.0.552.215 allows ...)
+ TODO: check
+CVE-2010-4493 (Use-after-free vulnerability in Google Chrome before 8.0.552.215 ...)
+ TODO: check
+CVE-2010-4492 (Use-after-free vulnerability in Google Chrome before 8.0.552.215 ...)
+ TODO: check
+CVE-2010-4491 (Google Chrome before 8.0.552.215 does not properly restrict privileged ...)
+ TODO: check
+CVE-2010-4490 (Google Chrome before 8.0.552.215 allows remote attackers to cause a ...)
+ TODO: check
+CVE-2010-4489 (Google Chrome before 8.0.552.215 does not properly handle WebM video, ...)
+ TODO: check
+CVE-2010-4488 (Google Chrome before 8.0.552.215 does not properly handle HTTP proxy ...)
+ TODO: check
+CVE-2010-4487 (Incomplete blacklist vulnerability in Google Chrome before 8.0.552.215 ...)
+ TODO: check
+CVE-2010-4486 (Use-after-free vulnerability in Google Chrome before 8.0.552.215 ...)
+ TODO: check
+CVE-2010-4485 (Google Chrome before 8.0.552.215 does not properly restrict the ...)
+ TODO: check
+CVE-2010-4484 (Google Chrome before 8.0.552.215 does not properly handle HTML5 ...)
+ TODO: check
+CVE-2010-4483 (Google Chrome before 8.0.552.215 does not properly restrict read ...)
+ TODO: check
+CVE-2010-4482 (Unspecified vulnerability in Google Chrome before 8.0.552.215 allows ...)
+ TODO: check
+CVE-2010-4481
+ RESERVED
+CVE-2010-4480
+ RESERVED
CVE-2010-4510
REJECTED
CVE-2010-4479 (Unspecified vulnerability in pdf.c in libclamav in ClamAV before ...)
@@ -723,8 +813,8 @@
CVE-2010-4180 (OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when ...)
- openssl 0.9.8o-4
NOTE: http://www.openssl.org/news/secadv_20101202.txt
-CVE-2010-4179
- RESERVED
+CVE-2010-4179 (The installation documentation for Red Hat Enterprise Messaging, ...)
+ TODO: check
CVE-2010-4178
RESERVED
- mysql-gui-tools <unfixed> (low; bug #605542)
@@ -735,8 +825,7 @@
- mysql-gui-tools <unfixed> (low; bug #605542)
[squeeze] - mysql-gui-tools <no-dsa> (Minor issue)
[lenny] - mysql-gui-tools <no-dsa> (Minor issue)
-CVE-2010-4176 [dracut: wrong /dev/systty permissions]
- RESERVED
+CVE-2010-4176 (plymouth-pretrigger.sh in dracut and udev, when running on Fedora 13 ...)
- dracut <not-affected> (vulnerable script not shipped)
CVE-2010-4175 [linux: integer overflow in RDS]
RESERVED
@@ -747,11 +836,9 @@
- libsdp 1.1.99-2.1 (bug #603841)
CVE-2010-4172 (Multiple cross-site scripting (XSS) vulnerabilities in the Manager ...)
- tomcat6 <unfixed> (bug #606388)
-CVE-2010-4171
- RESERVED
+CVE-2010-4171 (The staprun runtime tool in SystemTap 1.3 does not verify that a ...)
- systemtap 1.2-3 (bug #603946)
-CVE-2010-4170
- RESERVED
+CVE-2010-4170 (The staprun runtime tool in SystemTap 1.3 does not properly clear the ...)
- systemtap 1.2-3 (bug #603946)
CVE-2010-4169 (Use-after-free vulnerability in mm/mprotect.c in the Linux kernel ...)
- linux-2.6 <unfixed>
@@ -794,8 +881,8 @@
NOT-FOR-US: 4site CMS
CVE-2010-4151 (SQL injection vulnerability in misc.php in DeluxeBB 1.3, and possibly ...)
NOT-FOR-US: DeluxeBB
-CVE-2010-4150
- RESERVED
+CVE-2010-4150 (Double free vulnerability in the imap_do_open function in the IMAP ...)
+ TODO: check
CVE-2009-5015 (The URL dispatch mechanism in TurboGears2 (aka tg2) before 2.0.2 ...)
- turbogears2 2.0.3-1
CVE-2009-5014 (The default quickstart configuration of TurboGears2 (aka tg2) before ...)
@@ -1648,7 +1735,7 @@
CVE-2010-3813 (WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and ...)
- webkit <undetermined>
- chromium-browser <undetermined>
-CVE-2010-3812 (Integer overflow in WebKit in Apple Safari before 5.0.3 on Mac OS X ...)
+CVE-2010-3812 (Integer overflow in the wholeText method in WebKit in Apple Safari ...)
- webkit <unfixed>
- chromium-browser <undetermined>
NOTE: http://www.zerodayinitiative.com/advisories/ZDI-10-257
@@ -2814,7 +2901,7 @@
RESERVED
CVE-2010-3370
RESERVED
-CVE-2010-3369 (The (1) mdb and (2) mdb-symbolreader scripts in mono-debugger 2.4.3 ...)
+CVE-2010-3369 (The (1) mdb and (2) mdb-symbolreader scripts in mono-debugger 2.4.3, ...)
- mono-debugger 2.6.3-2.1 (bug #598299)
CVE-2010-3368
RESERVED
@@ -14687,7 +14774,7 @@
NOT-FOR-US: IBM Rational AppScan Enterprise Edition
CVE-2009-3744 (rep_serv.exe 6.3.1.3 in the server in EMC RepliStor allows remote ...)
NOT-FOR-US: EMC RepliStor
-CVE-2009-3743 (Off-by-one error in the TrueType bytecode interpreter in Ghostscript ...)
+CVE-2009-3743 (Off-by-one error in the Ins_MINDEX function in the TrueType bytecode ...)
- ghostscript 8.71~dfsg-1
CVE-2009-3742 (Cross-site scripting (XSS) vulnerability in Liferay Portal before ...)
NOT-FOR-US: Liferay Portal
More information about the Secure-testing-commits
mailing list