[Secure-testing-commits] r15682 - data/CVE

Raphael Geissert geissert at alioth.debian.org
Fri Dec 10 23:02:31 UTC 2010


Author: geissert
Date: 2010-12-10 23:02:28 +0000 (Fri, 10 Dec 2010)
New Revision: 15682

Modified:
   data/CVE/list
Log:
new wordpress and linux issues


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-12-10 21:14:53 UTC (rev 15681)
+++ data/CVE/list	2010-12-10 23:02:28 UTC (rev 15682)
@@ -1,3 +1,6 @@
+CVE-2010-XXXX [wordpress: insufficient permissions verification on XMLRPC interface]
+	- wordpress <unfixed> (bug #606657)
+	NOTE: http://core.trac.wordpress.org/changeset/16803
 CVE-2010-4543
 	RESERVED
 CVE-2010-4542
@@ -530,8 +533,10 @@
 	RESERVED
 CVE-2010-4347
 	RESERVED
-CVE-2010-4346
+CVE-2010-4346 [linux: install_special_mapping skips security_file_mmap check]
 	RESERVED
+	- linux-2.6 <unfixed>
+	TODO: check
 CVE-2010-4345
 	RESERVED
 	- exim4 <unfixed>
@@ -747,7 +752,6 @@
 	RESERVED
 	- linux-2.6 <unfixed>
 CVE-2010-4257 (SQL injection vulnerability in the do_trackbacks function in ...)
-	NOTE: http://codex.wordpress.org/Version_3.0.2
 	NOTE: http://core.trac.wordpress.org/changeset/16625
 	- wordpress 3.0.2-1 (bug #605603)
 CVE-2010-4256 [linux: pipe_fcntl local DoS]
@@ -1014,7 +1018,6 @@
 	NOT-FOR-US: DeluxeBB
 CVE-2010-4150 (Double free vulnerability in the imap_do_open function in the IMAP ...)
 	- php5 <unfixed>
-	TODO: check
 CVE-2009-5015 (The URL dispatch mechanism in TurboGears2 (aka tg2) before 2.0.2 ...)
 	- turbogears2 2.0.3-1
 CVE-2009-5014 (The default quickstart configuration of TurboGears2 (aka tg2) before ...)




More information about the Secure-testing-commits mailing list