[Secure-testing-commits] r15683 - data/CVE

Raphael Geissert geissert at alioth.debian.org
Fri Dec 10 23:50:42 UTC 2010 

Author: geissert
Date: 2010-12-10 23:50:42 +0000 (Fri, 10 Dec 2010)
New Revision: 15683

Modified:
   data/CVE/list
Log:
cobbler itp, movabletype issues (great description btw), exim br#


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-12-10 23:02:28 UTC (rev 15682)
+++ data/CVE/list	2010-12-10 23:50:42 UTC (rev 15683)
@@ -64,10 +64,12 @@
 CVE-2010-4513 (Multiple cross-site scripting (XSS) vulnerabilities in Zimplit CMS ...)
 	TODO: check
 CVE-2010-4512 (Cobbler before 2.0.4 uses an incorrect umask value, which allows local ...)
-	TODO: check
+	- cobbler <itp> (bug #545583)
 CVE-2010-4511 (Unspecified vulnerability in Movable Type 4.x before 4.35 and 5.x ...)
+	- movabletype-opensource 4.3.5+dfsg-1 (bug #606311)
 	TODO: check
 CVE-2010-4509 (Multiple unspecified vulnerabilities in Movable Type 4.x before 4.35 ...)
+	- movabletype-opensource 4.3.5+dfsg-1 (bug #606311)
 	TODO: check
 CVE-2010-4508 (The WebSockets implementation in Mozilla Firefox 4 through 4.0 Beta 7 ...)
 	TODO: check
@@ -92,7 +94,7 @@
 CVE-2009-5022
 	RESERVED
 CVE-2009-5021 (Cobbler before 1.6.1 does not properly determine whether an ...)
-	TODO: check
+	- cobbler <itp> (bug #545583)
 CVE-2010-4507
 	RESERVED
 CVE-2010-4506
@@ -539,11 +541,11 @@
 	TODO: check
 CVE-2010-4345
 	RESERVED
-	- exim4 <unfixed>
+	- exim4 <unfixed> (bug #606612)
 CVE-2010-4344
 	RESERVED
 	{DSA-2131-1}
-	- exim4 4.70-1
+	- exim4 4.70-1 (bug #606612)
 CVE-2010-4343 [linux: bfa driver sysfs crash]
 	RESERVED
 	- linux-2.6 <unfixed>
@@ -1562,8 +1564,10 @@
 CVE-2010-3923
 	RESERVED
 CVE-2010-3922 (SQL injection vulnerability in Movable Type 4.x before 4.35 and 5.x ...)
+	- movabletype-opensource 4.3.5+dfsg-1 (bug #606311)
 	TODO: check
 CVE-2010-3921 (Cross-site scripting (XSS) vulnerability in Movable Type 4.x before ...)
+	- movabletype-opensource 4.3.5+dfsg-1 (bug #606311)
 	TODO: check
 CVE-2010-3920 (The Seiko Epson printer driver installers for LP-S9000 before 4.1.11 ...)
 	TODO: check
@@ -6127,7 +6131,7 @@
 CVE-2010-2236
 	RESERVED
 CVE-2010-2235 (template_api.py in Cobbler before 2.0.7, as used in Red Hat Network ...)
-	TODO: check
+	- cobbler <itp> (bug #545583)
 CVE-2010-2233 (tif_getimage.c in LibTIFF 3.9.0 and 3.9.2 on 64-bit platforms, as used ...)
 	- tiff 3.9.4-2
 	[lenny] - tiff <not-affected> (Only affects 3.9.x)
@@ -18503,7 +18507,7 @@
 CVE-2008-6955 (mxCamArchive 2.2 stores sensitive information under the web root with ...)
 	NOT-FOR-US: mxCamArchive
 CVE-2008-6954 (The web interface (CobblerWeb) in Cobbler before 1.2.9 allows remote ...)
-	NOT-FOR-US: Cobbler
+	- cobbler <itp> (bug #545583)
 CVE-2008-6953 (Buffer overflow in oovoo.exe in ooVoo 1.7.1.35, and possibly other ...)
 	NOT-FOR-US: ooVoo
 CVE-2008-6952 (SQL injection vulnerability in Rss.php in MauryCMS 0.53.2 and earlier ...)

More information about the Secure-testing-commits mailing list