[Secure-testing-commits] r14060 - data/CVE
Raphael Geissert
geissert at alioth.debian.org
Mon Feb 8 04:56:39 UTC 2010
Author: geissert
Date: 2010-02-08 04:56:39 +0000 (Mon, 08 Feb 2010)
New Revision: 14060
Modified:
data/CVE/list
Log:
n-m issues update, thanks Michael Biebl
one otrs issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-02-07 22:10:57 UTC (rev 14059)
+++ data/CVE/list 2010-02-08 04:56:39 UTC (rev 14060)
@@ -257,8 +257,12 @@
TODO: check
CVE-2010-0439
RESERVED
-CVE-2010-0438
+CVE-2010-0438 [OTRS SQL injection]
RESERVED
+ - otrs <not-affected> (vulnerable code not present)
+ [etch] - otrs2 <not-affected> (vulnerable code not present)
+ - otrs2 2.4.7-1 (medium)
+ NOTE: http://otrs.org/advisory/OSA-2010-01-en/
CVE-2010-0437
RESERVED
CVE-2010-0436
@@ -2189,10 +2193,8 @@
- xpat2 <unfixed> (unimportant; bug #560087)
CVE-2009-4144 (NetworkManager (NM) 0.7.2 does not ensure that the configured ...)
- network-manager-applet 0.7.2-2 (low; bug #560067)
- - network-manager 0.6.5-1 (low)
- [lenny] - network-manager-applet <no-dsa> (minor issue)
- [etch] - network-manager <no-dsa> (minor issue)
- NOTE: network-manager in lenny not affected, because it is in network-manager-applet
+ [lenny] - network-manager-applet <not-affected> (WPA/enterprise was added in 0.7.2)
+ - network-manager <not-affected> (vulnerable code is in -applet, which is a source package on its own as of 0.6.5)
CVE-2009-XXXX [unsafe xfs]
- xfs 1:1.0.8-6 (low; bug #521107)
[etch] - xfs <no-dsa> (minor issue)
@@ -2511,11 +2513,8 @@
- kfreebsd-6 <not-affected> (the affected file -rtld.c- is not in the archive, not even kFreeBSD)
CVE-2009-4145 (nm-connection-editor in NetworkManager (NM) 0.7.x exports connection ...)
- network-manager-applet 0.7.2-2 (low; bug #563371)
- - network-manager 0.6.5-1 (low)
- [lenny] - network-manager-applet <no-dsa> (minor issue)
- [etch] - network-manager <no-dsa> (minor issue)
- NOTE: network-manager in lenny not affected, because it is in network-manager-applet
- NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=546117
+ - network-manager <not-affected> (-editor introduced in 0.7 on the -applet package)
+ [lenny] - network-manager-applet <not-affected> (-editor was introduced in 0.7)
CVE-2009-4143 (PHP before 5.2.12 does not properly handle session data, which has ...)
- php5 5.2.12.dfsg.1-1 (low)
CVE-2009-4142 (The htmlspecialchars function in PHP before 5.2.12 does not properly ...)
More information about the Secure-testing-commits
mailing list