[Secure-testing-commits] r14997 - data/CVE
Moritz Muehlenhoff
jmm-guest at alioth.debian.org
Thu Jul 15 21:18:13 UTC 2010
Author: jmm-guest
Date: 2010-07-15 21:18:13 +0000 (Thu, 15 Jul 2010)
New Revision: 14997
Modified:
data/CVE/list
Log:
- bugzilla fixed
- rewrite several older bugzilla entries now that
3.4 is in unstable
- Oracle NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-07-15 21:14:35 UTC (rev 14996)
+++ data/CVE/list 2010-07-15 21:18:13 UTC (rev 14997)
@@ -854,29 +854,29 @@
CVE-2010-2404
RESERVED
CVE-2010-2403 (Unspecified vulnerability in the PeopleSoft Enterprise Campus ...)
- TODO: check
+ NOT-FOR-US: PeopleSoft
CVE-2010-2402 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
- TODO: check
+ NOT-FOR-US: PeopleSoft
CVE-2010-2401 (Unspecified vulnerability in the PeopleSoft Enterprise HCM - eProfile ...)
- TODO: check
+ NOT-FOR-US: PeopleSoft
CVE-2010-2400 (Unspecified vulnerability in Oracle Solaris 9 and 10, and OpenSolaris, ...)
- TODO: check
+ NOT-FOR-US: Solaris
CVE-2010-2399 (Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows ...)
- TODO: check
+ NOT-FOR-US: Solaris
CVE-2010-2398 (Unspecified vulnerability in the PeopleSoft Enterprise HCM component ...)
- TODO: check
+ NOT-FOR-US: PeopleSoft
CVE-2010-2397 (Unspecified vulnerability in Oracle Sun Java System Application Server ...)
- TODO: check
+ NOT-FOR-US: Oracle Sun Java System Application Serve
CVE-2010-2396
RESERVED
CVE-2010-2395
RESERVED
CVE-2010-2394 (Unspecified vulnerability in Oracle Solaris 10 allows local users to ...)
- TODO: check
+ NOT-FOR-US: Solaris
CVE-2010-2393 (Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows ...)
- TODO: check
+ NOT-FOR-US: Solaris
CVE-2010-2392 (Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows ...)
- TODO: check
+ NOT-FOR-US: Solaris
CVE-2010-2391
RESERVED
CVE-2010-2390
@@ -888,39 +888,39 @@
CVE-2010-2387
RESERVED
CVE-2010-2386 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10, and ...)
- TODO: check
+ NOT-FOR-US: Solaris
CVE-2010-2385 (Unspecified vulnerability in Oracle Sun Java System Web Proxy Server ...)
TODO: check
CVE-2010-2384 (Unspecified vulnerability in Oracle Solaris 9 and 10 allows local ...)
- TODO: check
+ NOT-FOR-US: Solaris
CVE-2010-2383 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10, and ...)
- TODO: check
+ NOT-FOR-US: Solaris
CVE-2010-2382 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows local ...)
- TODO: check
+ NOT-FOR-US: Solaris
CVE-2010-2381 (Unspecified vulnerability in the Application Server Control component ...)
- TODO: check
+ NOT-FOR-US: Oracle Fusion Middleware
CVE-2010-2380 (Unspecified vulnerability in the PeopleSoft Enterprise FSCM component ...)
- TODO: check
+ NOT-FOR-US: PeopleSoft
CVE-2010-2379 (Unspecified vulnerability in the PeopleSoft Enterprise HCM - Time & ...)
- TODO: check
+ NOT-FOR-US: PeopleSoft
CVE-2010-2378 (Unspecified vulnerability in the PeopleSoft Enterprise CRM component ...)
- TODO: check
+ NOT-FOR-US: PeopleSoft
CVE-2010-2377 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
- TODO: check
+ NOT-FOR-US: PeopleSoft
CVE-2010-2376 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows local ...)
- TODO: check
+ NOT-FOR-US: Solaris
CVE-2010-2375 (Package/Privilege: Plugins for Apache, Sun and IIS web servers ...)
- TODO: check
+ NOT-FOR-US: Oracle Fusion Middleware
CVE-2010-2374 (Unspecified vulnerability in Solaris Studio 12 update 1 allows local ...)
- TODO: check
+ NOT-FOR-US: Solaris
CVE-2010-2373 (Unspecified vulnerability in the Console component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle Enterprise Manager Grid Control
CVE-2010-2372 (Unspecified vulnerability in the Oracle Transportation Management ...)
- TODO: check
+ NOT-FOR-US: Oracle Supply Chain Products Suite
CVE-2010-2371 (Unspecified vulnerability in the Oracle Transportation Management ...)
- TODO: check
+ NOT-FOR-US: Oracle Supply Chain Products Suite
CVE-2010-2370 (Unspecified vulnerability in the Oracle Business Process Management ...)
- TODO: check
+ NOT-FOR-US: Oracle Fusion Middleware
CVE-2010-2369
RESERVED
CVE-2010-2368
@@ -1269,7 +1269,7 @@
CVE-2010-2245
RESERVED
CVE-2010-2244 (The AvahiDnsPacket function in avahi-core/socket.c in avahi-daemon in ...)
- TODO: check
+ - avahi <undetermined>
CVE-2010-2243 [timekeeping oops]
RESERVED
- linux-2.6 2.6.32-11
@@ -4166,7 +4166,7 @@
- tuxonice-userui <unfixed>
TODO: binNMU tuxonice-userui once libpng is fixed
CVE-2010-1204 (Search.pm in Bugzilla 2.17.1 through 3.2.6, 3.3.1 through 3.4.6, 3.5.1 ...)
- - bugzilla <unfixed> (low; bug #587663)
+ - bugzilla 3.4.7.0-1 (low; bug #587663)
[lenny] - bugzilla <no-dsa> (Minor issue)
CVE-2010-1203 (The JavaScript engine in Mozilla Firefox 3.6.x before 3.6.4 allow ...)
- xulrunner <not-affected> (Only affects Firefox 3.6, i.e xulrunner 1.9.2)
@@ -5069,7 +5069,7 @@
CVE-2010-0917 (Stack-based buffer overflow in VBScript in Microsoft Windows 2000 SP4, ...)
NOT-FOR-US: Microsoft Windows
CVE-2010-0916 (Unspecified vulnerability in Oracle OpenSolaris 10 allows local users ...)
- TODO: check
+ NOT-FOR-US: Solaris
CVE-2010-0915 (Unspecified vulnerability in the Oracle Advanced Product Catalog ...)
TODO: check
CVE-2010-0914 (Unspecified vulnerability in Oracle Sun Convergence 1.0 allows remote ...)
@@ -9309,7 +9309,7 @@
CVE-2009-3990
RESERVED
CVE-2009-3989 (Bugzilla before 3.0.11, 3.2.x before 3.2.6, 3.4.x before 3.4.5, and ...)
- - bugzilla <unfixed> (unimportant)
+ - bugzilla 3.4.7.0-1 (unimportant)
NOTE: http://www.bugzilla.org/security/3.0.10/
CVE-2009-3988 (Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, and ...)
{DSA-1999-1}
@@ -11096,9 +11096,11 @@
[etch] - xulrunner <end-of-life> (Mozilla packages from oldstable no longer covered by security support)
[lenny] - xulrunner <not-affected> (Video playback capabilities were added in 3.5)
CVE-2009-3387 (Bugzilla 3.3.1 through 3.4.4, 3.5.1, and 3.5.2 does not allow group ...)
- - bugzilla <not-affected> (Only Bugzilla >= 3.3 is affected)
+ - bugzilla 3.4.7.0-1
+ [lenny] - bugzilla <not-affected> (Only Bugzilla >= 3.3 is affected)
CVE-2009-3386 (Template.pm in Bugzilla 3.3.2 through 3.4.3 and 3.5 through 3.5.1 ...)
- - bugzilla <not-affected> (Only 3.3 onwards are affected)
+ - bugzilla 3.4.7.0-1
+ [lenny] - bugzilla <not-affected> (Only Bugzilla >= 3.3 is affected)
CVE-2009-3385 (The mail component in Mozilla SeaMonkey before 1.1.19 does not ...)
{DSA-1922-1}
- xulrunner 1.9.0.15-1
@@ -11683,7 +11685,8 @@
CVE-2008-7221 (Cross-site request forgery (CSRF) vulnerability in RunCMS 1.6.1 allows ...)
NOT-FOR-US: RunCMS
CVE-2009-3166 (token.cgi in Bugzilla 3.4rc1 through 3.4.1 places a password in a URL ...)
- - bugzilla <not-affected> (only 3.4.x is affected)
+ - bugzilla 3.4.7.0-1
+ [lenny] - bugzilla <not-affected> (Only Bugzilla >= 3.3 is affected)
CVE-2009-3165 (SQL injection vulnerability in the Bug.create WebService function in ...)
{DSA-1913-1}
- bugzilla 3.2.5.0-1 (low; bug #547132)
@@ -11945,7 +11948,8 @@
CVE-2009-3146 (Cross-site scripting (XSS) vulnerability in search_advance.php in ...)
NOT-FOR-US: ArticleFriend Script
CVE-2009-3125 (SQL injection vulnerability in the Bug.search WebService function in ...)
- - bugzilla <not-affected> (Only 3.3.x and 3.4.x are affected)
+ - bugzilla 3.4.7.0-1
+ [lenny] - bugzilla <not-affected> (Only Bugzilla >= 3.3 is affected)
CVE-2009-3124 (Directory traversal vulnerability in get_message.cgi in QuarkMail ...)
NOT-FOR-US: QuarkMail
CVE-2009-3123 (Directory traversal vulnerability in gallery/gallery.php in Wap-Motor ...)
More information about the Secure-testing-commits
mailing list