[Secure-testing-commits] r14110 - data/CVE
Michael Gilbert
gilbert-guest at alioth.debian.org
Tue Feb 16 19:10:50 UTC 2010
Author: gilbert-guest
Date: 2010-02-16 19:10:49 +0000 (Tue, 16 Feb 2010)
New Revision: 14110
Modified:
data/CVE/list
Log:
new issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-02-16 17:46:25 UTC (rev 14109)
+++ data/CVE/list 2010-02-16 19:10:49 UTC (rev 14110)
@@ -5,6 +5,18 @@
CVE-2010-XXXX [pidgin remote dos]
- pidgin <unfixed> (low; bug #562720)
TODO: check
+CVE-2010-XXXX [fwbuilder temp file issue]
+ - fwbuilder 3.0.7-1 (low)
+ NOTE: http://www.fwbuilder.org/docs/firewall_builder_release_notes.html#3.0.7
+CVE-2010-XXXX [pfribidi buffer overflow]
+ - pyfribidi <undetermined> (medium; bug #570068)
+ TODO: check
+CVE-2010-XXXX [phpbb3 weak captcha]
+ - phpbb3 <unfixed> (unimportant; bug #570011)
+CVE-2010-XXXX [moinmoin "major" undisclosed issue]
+ - moinmoin <undetermined> (medium; bug #569975)
+ NOTE: mentioned in 1.9.1 security fix announcement (http://moinmo.in/SecurityFixes), so may be fixed there
+ TODO: check
CVE-2010-0634 (Unspecified vulnerability in Fast Lexical Analyzer Generator (flex) ...)
TODO: check
CVE-2010-0629
@@ -235,8 +247,9 @@
NOT-FOR-US: Oracle OpenSolaris
CVE-2010-0557 (IBM Cognos Express 9.0 allows attackers to obtain unspecified access ...)
NOT-FOR-US: IBM Cognos Express
-CVE-2010-0556
+CVE-2010-0556 [google chrome password manager issue]
RESERVED
+ - chromium-browser <itp> (low; bug #520334)
CVE-2003-1587 (Cross-site scripting (XSS) vulnerability in LoganPro allows remote ...)
TODO: check
CVE-2003-1586 (Cross-site scripting (XSS) vulnerability in WebExpert allows remote ...)
@@ -6273,6 +6286,10 @@
CVE-2009-3016 (Apple Safari 4.0.3 does not properly block javascript: and data: URIs ...)
NOT-FOR-US: Apple Safari
CVE-2009-3015 (QtWeb 3.0 Builds 001 and 003 does not properly block javascript: and ...)
+ - webkit <unfixed> (unimportant)
+ - qt4-x11 <unfixed> (unimportant)
+ - kdelibs <unfixed> (unimportant)
+ - kde4libs <unfixed> (unimportant)
NOTE: This is a web site issue (open redirector), not a browser problem.
CVE-2009-3014 (Mozilla Firefox 3.0.13 and earlier, 3.5, 3.6 a1 pre, and 3.7 a1 pre; ...)
NOTE: This is a web site issue (open redirector), not a browser problem.
More information about the Secure-testing-commits
mailing list