[Secure-testing-commits] r13804 - data/CVE

Wed Jan 13 20:59:26 UTC 2010

Author: jmm-guest
Date: 2010-01-13 20:59:26 +0000 (Wed, 13 Jan 2010)
New Revision: 13804

Modified:
   data/CVE/list
Log:
- centerim fixed
- drupal fixed
- snort fixed
- NFUs for the recent Adobe update


Modified: data/CVE/list
===================================================================

--- data/CVE/list	2010-01-13 20:58:39 UTC (rev 13803)
+++ data/CVE/list	2010-01-13 20:59:26 UTC (rev 13804)
@@ -953,15 +953,17 @@
 CVE-2009-4372 (AlienVault Open Source Security Information Management (OSSIM) 2.1.5, ...)
 	NOT-FOR-US: AlienVault Open Source Security Information Management
 CVE-2009-4371 (Cross-site scripting (XSS) vulnerability in the Locale module ...)
-	- drupal6 <unfixed> (low; bug #562165)
+	- drupal6 6.15-1 (low; bug #562165)
 	[lenny] - drupal6 <no-dsa> (Minor issue, requires auth)
+	- drupal5 5.21-1
 CVE-2009-4370 (Cross-site scripting (XSS) vulnerability in the Menu module ...)
-	- drupal6 <unfixed> (low; bug #562165)
+	- drupal6 6.15-1 (low; bug #562165)
 	[lenny] - drupal6 <no-dsa> (Minor issue, requires auth)
+	- drupal5 5.21-1
 CVE-2009-4369 (Cross-site scripting (XSS) vulnerability in the Contact module ...)
-	- drupal6 <unfixed> (low; bug #562165)
+	- drupal6 6.15-1 (low; bug #562165)
 	[lenny] - drupal6 <no-dsa> (Minor issue, requires auth)
-	- drupal5 <unfixed> (low)
+	- drupal5 5.21-1 (low)
 CVE-2009-4368 (Multiple unspecified vulnerabilities in Centreon before 2.1.4 have ...)
 	NOT-FOR-US: Centreon
 CVE-2009-4367 (The Staging Webservice (&quot;sitecore modules/staging/service/api.asmx&quot;) ...)
@@ -2168,18 +2170,25 @@
 	RESERVED
 CVE-2009-3959
 	RESERVED
+	NOT-FOR-US: Adobe Reader and Acrobat 8.0
 CVE-2009-3958
 	RESERVED
+	NOT-FOR-US: Adobe Reader and Acrobat 8.0
 CVE-2009-3957
 	RESERVED
+	NOT-FOR-US: Adobe Reader and Acrobat 8.0
 CVE-2009-3956
 	RESERVED
+	NOT-FOR-US: Adobe Reader and Acrobat 8.0
 CVE-2009-3955
 	RESERVED
+	NOT-FOR-US: Adobe Reader and Acrobat 8.0
 CVE-2009-3954
 	RESERVED
+	NOT-FOR-US: Adobe Reader and Acrobat 8.0
 CVE-2009-3953
 	RESERVED
+	NOT-FOR-US: Adobe Reader and Acrobat 8.0
 CVE-2009-3952 (Buffer overflow in Adobe Illustrator CS3 13.0.3 and earlier and ...)
 	TODO: check
 CVE-2009-3951 (Unspecified vulnerability in the Flash Player ActiveX control in Adobe ...)
@@ -3096,7 +3105,7 @@
 CVE-2009-3642 (Multiple SQL injection vulnerabilities in the Call Logging feature in ...)
 	NOT-FOR-US: FrontRange HEAT
 CVE-2009-3641 (Snort before 2.8.5.1, when the -v option is enabled, allows remote ...)
-	- snort <unfixed> (unimportant; bug #553584)
+	- snort 2.8.5.2-1 (unimportant; bug #553584)
 	NOTE: current debian packages are not compiled with support for ipv6
 CVE-2009-3640 (The update_cr8_intercept function in arch/x86/kvm/x86.c in the KVM ...)
 	- linux-2.6 2.6.31-1 (medium)
@@ -15142,12 +15151,8 @@
 CVE-2008-5914 (An unspecified function in the JavaScript implementation in Apple ...)
 	NOT-FOR-US: Apple
 CVE-2008-5913 (An unspecified function in the JavaScript implementation in Mozilla ...)
-	- xulrunner <unfixed> (low; bug #559792)
-	[etch] - xulrunner <no-dsa> (fix requires significant rewrite of prng)
-	[lenny] - xulrunner <no-dsa> (fix requires significant rewrite of prng)
-	- iceape <unfixed> (low)
-	[etch] - iceape <no-dsa> (fix requires significant rewrite of prng)
-	[lenny] - iceape <no-dsa> (fix requires significant rewrite of prng)
+	- xulrunner <unfixed> (undetermined; bug #559792)
+	- iceape <unfixed> (undetermined)
 CVE-2008-5912 (An unspecified function in the JavaScript implementation in Microsoft ...)
 	NOT-FOR-US: Microsoft
 CVE-2008-5911 (Multiple buffer overflows in RealNetworks Helix Server and Helix ...)
@@ -18383,7 +18388,7 @@
 	- libgadu 1:1.8.0+r592-3 (low; bug #503916)
 	- kadu 0.6.0.2-3 (low; bug #504429)
 	- ekg 1:1.8~rc0-1 (low)
-	- centerim <unfixed> (low; bug #559782)
+	- centerim 4.22.9-1 (low; bug #559782)
 	- qutecom <not-affected> (does not use libgadu embed; bug #559784)
 CVE-2008-4769 (Directory traversal vulnerability in the get_category_template ...)
 	{DSA-1871-2 DSA-1871-1}


