[Secure-testing-commits] r15682 - data/CVE
Raphael Geissert
geissert at alioth.debian.org
Fri Dec 10 23:02:31 UTC 2010
Author: geissert
Date: 2010-12-10 23:02:28 +0000 (Fri, 10 Dec 2010)
New Revision: 15682
Modified:
data/CVE/list
Log:
new wordpress and linux issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-12-10 21:14:53 UTC (rev 15681)
+++ data/CVE/list 2010-12-10 23:02:28 UTC (rev 15682)
@@ -1,3 +1,6 @@
+CVE-2010-XXXX [wordpress: insufficient permissions verification on XMLRPC interface]
+ - wordpress <unfixed> (bug #606657)
+ NOTE: http://core.trac.wordpress.org/changeset/16803
CVE-2010-4543
RESERVED
CVE-2010-4542
@@ -530,8 +533,10 @@
RESERVED
CVE-2010-4347
RESERVED
-CVE-2010-4346
+CVE-2010-4346 [linux: install_special_mapping skips security_file_mmap check]
RESERVED
+ - linux-2.6 <unfixed>
+ TODO: check
CVE-2010-4345
RESERVED
- exim4 <unfixed>
@@ -747,7 +752,6 @@
RESERVED
- linux-2.6 <unfixed>
CVE-2010-4257 (SQL injection vulnerability in the do_trackbacks function in ...)
- NOTE: http://codex.wordpress.org/Version_3.0.2
NOTE: http://core.trac.wordpress.org/changeset/16625
- wordpress 3.0.2-1 (bug #605603)
CVE-2010-4256 [linux: pipe_fcntl local DoS]
@@ -1014,7 +1018,6 @@
NOT-FOR-US: DeluxeBB
CVE-2010-4150 (Double free vulnerability in the imap_do_open function in the IMAP ...)
- php5 <unfixed>
- TODO: check
CVE-2009-5015 (The URL dispatch mechanism in TurboGears2 (aka tg2) before 2.0.2 ...)
- turbogears2 2.0.3-1
CVE-2009-5014 (The default quickstart configuration of TurboGears2 (aka tg2) before ...)
More information about the Secure-testing-commits
mailing list