[Secure-testing-commits] r14791 - data/CVE

Giuseppe Iuculano derevko-guest at alioth.debian.org
Thu Jun 3 14:49:58 UTC 2010 

Author: derevko-guest
Date: 2010-06-03 14:49:50 +0000 (Thu, 03 Jun 2010)
New Revision: 14791

Modified:
   data/CVE/list
Log:
some bugs filed
chromium issues are fixed


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-06-03 11:51:28 UTC (rev 14790)
+++ data/CVE/list	2010-06-03 14:49:50 UTC (rev 14791)
@@ -44,17 +44,17 @@
 CVE-2010-2111 (Cross-site request forgery (CSRF) vulnerability in user/user-set.do in ...)
 	TODO: check
 CVE-2010-2110 (Google Chrome before 5.0.375.55 does not properly execute JavaScript ...)
-	- chromium-browser <undetermined>
+	- chromium-browser 5.0.375.55~r47796-1
 CVE-2010-2109 (Unspecified vulnerability in Google Chrome before 5.0.375.55 allows ...)
-	- chromium-browser <undetermined>
+	- chromium-browser 5.0.375.55~r47796-1
 CVE-2010-2108 (Unspecified vulnerability in Google Chrome before 5.0.375.55 allows ...)
-	- chromium-browser <undetermined>
+	- chromium-browser 5.0.375.55~r47796-1
 CVE-2010-2107 (Unspecified vulnerability in Google Chrome before 5.0.375.55 allows ...)
-	- chromium-browser <undetermined>
+	- chromium-browser 5.0.375.55~r47796-1
 CVE-2010-2106 (Unspecified vulnerability in Google Chrome before 5.0.375.55 might ...)
-	- chromium-browser <undetermined>
+	- chromium-browser 5.0.375.55~r47796-1
 CVE-2010-2105 (Google Chrome before 5.0.375.55 does not properly follow the Safe ...)
-	- chromium-browser <undetermined>
+	- chromium-browser 5.0.375.55~r47796-1
 CVE-2010-2104 (Directory traversal vulnerability in Orbit Downloader 3.0.0.4 and ...)
 	NOT-FOR-US: Orbit Downloader
 CVE-2010-2103 (Cross-site scripting (XSS) vulnerability in ...)
@@ -1166,9 +1166,9 @@
 CVE-2010-1627 (feed.php in phpBB 3.0.7 before 3.0.7-PL1 does not properly check ...)
 	- phpbb3 3.0.7-PL1-1
 CVE-2010-1626 (MySQL before 5.1.46 allows local users to delete the data and index ...)
-	- mysql-dfsg-5.1 <unfixed>
+	- mysql-dfsg-5.1 <unfixed> (low; bug #584399)
+	- mysql-dfsg-5.0 <unfixed> (low; bug #584400)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=553648
-	TODO: File bug
 CVE-2010-1625
 	RESERVED
 CVE-2010-1624 (The msn_emoticon_msg function in slp.c in the MSN protocol plugin in ...)
@@ -1184,7 +1184,7 @@
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=590190
 	TODO: check
 CVE-2010-1620 (Integer overflow in the load_iface function in Tools/gdomap.c in ...)
-	- gnustep-base <unfixed>
+	- gnustep-base 1.19.3-2 (bug #584401)
 	[lenny] - gnustep-base <no-dsa> (Minor issue)
 CVE-2010-1612 (The IBM WebSphere DataPower XML Accelerator XA35, Low Latency ...)
 	NOT-FOR-US: IBM WebSphere DataPower XML Accelerator
@@ -1701,7 +1701,7 @@
 	NOTE: http://www.fetchmail.info/fetchmail-SA-2010-02.txt
 	NOTE: http://gitorious.org/fetchmail/fetchmail/commit/ec06293
 CVE-2010-1457 (Tools/gdomap.c in gdomap in GNUstep Base before 1.20.0 allows local ...)
-	- gnustep-base <unfixed>
+	- gnustep-base 1.19.3-2 (bug #584402)
 	[lenny] - gnustep-base <not-affected> (Not installed setuid root)
 	NOTE: http://thread.gmane.org/gmane.comp.lib.gnustep.bugs/12336
 CVE-2010-1456

More information about the Secure-testing-commits mailing list