[Secure-testing-commits] r15692 - data/CVE
Michael Gilbert
gilbert-guest at alioth.debian.org
Mon Dec 13 00:44:15 UTC 2010
Author: gilbert-guest
Date: 2010-12-13 00:44:15 +0000 (Mon, 13 Dec 2010)
New Revision: 15692
Modified:
data/CVE/list
Log:
new openssh issue; clean up recent apple NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-12-13 00:10:17 UTC (rev 15691)
+++ data/CVE/list 2010-12-13 00:44:15 UTC (rev 15692)
@@ -228,8 +228,8 @@
[lenny] - clamav <not-affected> (Introduced in 3643f3d2b0a38fdc7bc6777d093c857b9760804e)
NOTE: Fixed in 019f1955194360600ecf0644959ceca6734c2d7b
CVE-2010-4478 (OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly ...)
- - openssh <unfixed>
- TODO: check
+ - openssh <unfixed> (bug #606922)
+ [lenny] - openssh <not-affected> (doesn't include J-PAKE)
CVE-2010-4477
RESERVED
CVE-2010-4476
@@ -1370,7 +1370,7 @@
CVE-2010-4010 (Integer signedness error in Apple Type Services (ATS) in Apple Mac OS ...)
NOT-FOR-US: Apple Type Services
CVE-2010-4009 (Integer overflow in Apple QuickTime before 7.6.9 allows remote ...)
- TODO: check
+ NOT-FOR-US: Apple QuickTime
CVE-2010-4008 (libxml2 before 2.7.8, as used in Google Chrome before 7.0.517.44, ...)
{DSA-2128-1}
- libxml2 2.7.8.dfsg-1 (bug #602609)
@@ -1650,7 +1650,7 @@
CVE-2010-3888 (Unspecified vulnerability in Microsoft Windows on 32-bit platforms ...)
NOT-FOR-US: Microsoft Windows
CVE-2010-3887 (The Limit Mail feature in the Parental Controls functionality in Mail ...)
- NOT-FOR-US: Apple Mac OS X
+ NOT-FOR-US: Apple Mail
CVE-2010-3886 (The CTimeoutEventList::InsertIntoTimeoutList function in Microsoft ...)
NOT-FOR-US: Microsoft Windows
CVE-2010-3885
@@ -1835,18 +1835,18 @@
- mysql-5.1 5.1.49-3 (bug #599937)
- mysql-dfsg-5.0 <removed>
CVE-2010-3832 (Heap-based buffer overflow in the GSM mobility management ...)
- NOT-FOR-US: Apple iOS
+ NOT-FOR-US: Apple iOS Telophony
CVE-2010-3831 (Photos in Apple iOS before 4.2 enables support for HTTP Basic ...)
- NOT-FOR-US: Apple iOS
+ NOT-FOR-US: Apple iOS Photos
CVE-2010-3830 (Networking in Apple iOS before 4.2 accesses an invalid pointer during ...)
- NOT-FOR-US: Apple iOS
+ NOT-FOR-US: Apple iOS Networking
CVE-2010-3829 (WebKit in Apple iOS before 4.2 allows remote attackers to bypass the ...)
- webkit <undetermined>
- chromium-browser <undetermined>
CVE-2010-3828 (iAd Content Display in Apple iOS before 4.2 allows man-in-the-middle ...)
- NOT-FOR-US: Apple iOS
+ NOT-FOR-US: Apple iOS iAd
CVE-2010-3827 (Apple iOS before 4.2 does not properly validate signatures before ...)
- NOT-FOR-US: Apple iOS
+ NOT-FOR-US: Apple iOS configuration installation utility
CVE-2010-3826 (WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and ...)
- webkit <undetermined>
- chromium-browser <undetermined>
@@ -1916,45 +1916,45 @@
- webkit <undetermined>
- chromium-browser <undetermined>
CVE-2010-3802 (Integer signedness error in Apple QuickTime before 7.6.9 allows remote ...)
- TODO: check
+ NOT-FOR-US: Apple QuickTime
CVE-2010-3801 (Apple QuickTime before 7.6.9 allows remote attackers to execute ...)
- TODO: check
+ NOT-FOR-US: Apple QuickTime
CVE-2010-3800 (Apple QuickTime before 7.6.9 allows remote attackers to execute ...)
- TODO: check
+ NOT-FOR-US: Apple QuickTime
CVE-2010-3799
RESERVED
CVE-2010-3798 (Heap-based buffer overflow in xar in Apple Mac OS X 10.6.x before ...)
- xar <removed>
CVE-2010-3797 (Cross-site scripting (XSS) vulnerability in Wiki Server in Apple Mac ...)
- NOT-FOR-US: Apple Mac OS X
+ NOT-FOR-US: Apple Wiki Server
CVE-2010-3796 (Safari RSS in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 does not ...)
- NOT-FOR-US: Apple Mac OS X
+ NOT-FOR-US: Apple Safari RSS
CVE-2010-3795 (QuickTime in Apple Mac OS X 10.6.x before 10.6.5 accesses ...)
- NOT-FOR-US: Apple Mac OS X
+ NOT-FOR-US: Apple QuickTime
CVE-2010-3794 (QuickTime in Apple Mac OS X 10.6.x before 10.6.5 accesses ...)
- NOT-FOR-US: Apple Mac OS X
+ NOT-FOR-US: Apple QuickTime
CVE-2010-3793 (QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote ...)
- NOT-FOR-US: Apple Mac OS X
+ NOT-FOR-US: Apple QuickTime
CVE-2010-3792 (Integer signedness error in QuickTime in Apple Mac OS X 10.6.x before ...)
- NOT-FOR-US: Apple Mac OS X
+ NOT-FOR-US: Apple QuickTime
CVE-2010-3791 (Buffer overflow in QuickTime in Apple Mac OS X 10.6.x before 10.6.5 ...)
- NOT-FOR-US: Apple Mac OS X
+ NOT-FOR-US: Apple QuickTime
CVE-2010-3790 (QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote ...)
- NOT-FOR-US: Apple Mac OS X
+ NOT-FOR-US: Apple QuickTime
CVE-2010-3789 (QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote ...)
- NOT-FOR-US: Apple Mac OS X
+ NOT-FOR-US: Apple QuickTime
CVE-2010-3788 (QuickTime in Apple Mac OS X 10.6.x before 10.6.5 accesses ...)
- NOT-FOR-US: Apple Mac OS X
+ NOT-FOR-US: Apple QuickTime
CVE-2010-3787 (Heap-based buffer overflow in QuickTime in Apple Mac OS X 10.6.x ...)
- NOT-FOR-US: Apple Mac OS X
+ NOT-FOR-US: Apple QuickTime
CVE-2010-3786 (QuickLook in Apple Mac OS X 10.6.x before 10.6.5 allows remote ...)
- NOT-FOR-US: Apple Mac OS X
+ NOT-FOR-US: Apple QuickLook
CVE-2010-3785 (Buffer overflow in QuickLook in Apple Mac OS X 10.5.8 and 10.6.x ...)
- NOT-FOR-US: Apple Mac OS X
+ NOT-FOR-US: Apple QuickLook
CVE-2010-3784 (The PMPageFormatCreateWithDataRepresentation API in Printing in Apple ...)
- NOT-FOR-US: Apple Mac OS X
+ NOT-FOR-US: Apple Printing
CVE-2010-3783 (Password Server in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 does ...)
- NOT-FOR-US: Apple Mac OS X
+ NOT-FOR-US: Apple Password Server
CVE-2010-3782
RESERVED
CVE-2010-3781 (The PL/php add-on 1.4 and earlier for PostgreSQL does not properly ...)
More information about the Secure-testing-commits
mailing list