[Secure-testing-commits] r15691 - data/CVE
Michael Gilbert
gilbert-guest at alioth.debian.org
Mon Dec 13 00:10:21 UTC 2010
Author: gilbert-guest
Date: 2010-12-13 00:10:17 +0000 (Mon, 13 Dec 2010)
New Revision: 15691
Modified:
data/CVE/list
Log:
a couple more kernel issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-12-13 00:02:04 UTC (rev 15690)
+++ data/CVE/list 2010-12-13 00:10:17 UTC (rev 15691)
@@ -3933,6 +3933,7 @@
NOTE: Extremely obscure attack vector, marking as unimportant
CVE-2010-3084 (Buffer overflow in the niu_get_ethtool_tcam_all function in ...)
- linux-2.6 2.6.32-25
+ [lenny] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.30)
CVE-2010-3083 (sys/ssl/SslSocket.cpp in qpidd in Apache Qpid, as used in Red Hat ...)
NOT-FOR-US: Apache Qpid
CVE-2010-3082 (Cross-site scripting (XSS) vulnerability in Django 1.2.x before 1.2.2 ...)
@@ -3982,8 +3983,7 @@
{DSA-2126-1}
- linux-2.6 2.6.32-24
CVE-2010-3066 (The io_submit_one function in fs/aio.c in the Linux kernel before ...)
- - linux-2.6 <unfixed>
- TODO: check
+ - linux-2.6 2.6.23-1
CVE-2010-3064 (Stack-based buffer overflow in the php_mysqlnd_auth_write function in ...)
- php5 <unfixed> (unimportant)
NOTE: mysqlnd not used in squeeze/sid
More information about the Secure-testing-commits
mailing list