[Secure-testing-commits] r14963 - data/CVE

Giuseppe Iuculano derevko-guest at alioth.debian.org
Mon Jul 5 11:07:17 UTC 2010 

Author: derevko-guest
Date: 2010-07-05 11:07:13 +0000 (Mon, 05 Jul 2010)
New Revision: 14963

Modified:
   data/CVE/list
Log:
CVE-2010-2233, CVE-2010-1632, CVE-2004-1733, CVE-2004-1732, are fixed in unstable
bug filed for CVE-2010-1625


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-07-05 09:32:35 UTC (rev 14962)
+++ data/CVE/list	2010-07-05 11:07:13 UTC (rev 14963)
@@ -934,8 +934,7 @@
 CVE-2010-2234
 	RESERVED
 CVE-2010-2233 (tif_getimage.c in LibTIFF 3.9.0 and 3.9.2 on 64-bit platforms, as used ...)
-	- tiff <undetermined>
-	TODO: check
+	- tiff 3.9.4-1 (low)
 CVE-2010-2232
 	RESERVED
 CVE-2010-2231 (Cross-site request forgery (CSRF) vulnerability in ...)
@@ -2476,8 +2475,7 @@
 	- openssl <not-affected> (This bug is only present in OpenSSL 1.0.0)
 	TODO: recheck once >= 1.0.0 gets uploaded        
 CVE-2010-1632 (Apache Axis2 before 1.5.2, as used in IBM WebSphere Application Server ...)
-	- axis2c <undetermined>
-	TODO: check
+	- axis2c 1.6.0-1
 CVE-2010-1631
 	RESERVED
 CVE-2010-1630 (Unspecified vulnerability in posting.php in phpBB before 3.0.5 has ...)
@@ -2497,9 +2495,8 @@
 	- mysql-dfsg-5.0 <removed> (low; bug #584400)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=553648
 CVE-2010-1625 (Cross-site scripting (XSS) vulnerability in LXR Cross Referencer ...)
-	- lxr <undetermined>
-	- lxr-cvs <undetermined>
-	TODO: check
+	- lxr <unfixed> (bug #588138)
+	- lxr-cvs <unfixed> (bug #588137)
 CVE-2010-1624 (The msn_emoticon_msg function in slp.c in the MSN protocol plugin in ...)
 	- pidgin 2.7.0-1 (low)
 	[lenny] - pidgin 2.4.3-4lenny6
@@ -84709,11 +84706,9 @@
 CVE-2004-1734 (PHP remote file inclusion vulnerability in Mantis 0.19.0a allows ...)
 	- mantis 0.19.2-1
 CVE-2004-1733 (Directory traversal vulnerability in MyDMS 1.4.2 and other versions ...)
-	- mydms <undetermined>
-	TODO: check
+	- mydms 1.4.3-1
 CVE-2004-1732 (SQL injection vulnerability in out.ViewFolder.php in MyDMS before ...)
-	- mydms <undetermined>
-	TODO: check
+	- mydms 1.4.3-1
 CVE-2004-1731 (signup_page.php in Mantis bugtracker allows remote attackers to send ...)
 	- mantis 0.19.0-1
 CVE-2004-1730 (Cross-site scripting (XSS) vulnerability in Mantis bugtracker allows ...)

More information about the Secure-testing-commits mailing list