[Secure-testing-commits] r14803 - data/CVE

Moritz Muehlenhoff jmm-guest at alioth.debian.org
Fri Jun 4 21:55:32 UTC 2010 

Author: jmm-guest
Date: 2010-06-04 21:55:26 +0000 (Fri, 04 Jun 2010)
New Revision: 14803

Modified:
   data/CVE/list
Log:
- bug already present for cacti issue
- minor python buglet
- serendipity already CVEfied


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-06-04 21:42:22 UTC (rev 14802)
+++ data/CVE/list	2010-06-04 21:55:26 UTC (rev 14803)
@@ -149,13 +149,18 @@
 	- php5 <unfixed> (unimportant)
 	NOTE: Only triggerable through malicious script
 CVE-2010-2092 (SQL injection vulnerability in graph.php in Cacti 0.8.7e and earlier ...)
-	TODO: check
+	- cacti <unfixed> (bug #582691)
 CVE-2010-2091 (Microsoft Outlook Web Access (OWA) 8.2.254.0, when Internet Explorer 7 ...)
 	NOT-FOR-US: Microsoft OWA
 CVE-2010-2090 (The npb_protocol_error function in sna V5router64 in IBM ...)
 	NOT-FOR-US: IBM Communications Server
 CVE-2010-2089 (The audioop module in Python 2.7 and 3.2 does not verify the ...)
-	TODO: check
+	- python2.7 <unfixed> (low)
+	- python2.6 <unfixed> (low)
+	- python2.5 <unfixed> (low)
+	[lenny] - python2.5 <no-dsa> (Minor issue)
+	- python2.4 <removed> (low)
+	[lenny] - python2.4 <no-dsa> (Minor issue)
 CVE-2010-2088 (ASP.NET in Microsoft .NET 3.5 does not properly handle an unencrypted ...)
 	NOT-FOR-US: Microsoft .NET
 CVE-2010-2087 (Oracle Mojarra 1.2_14 and 2.0.2, as used in IBM WebSphere Application ...)
@@ -631,7 +636,9 @@
 	- php5 <unfixed> (low)
 	[lenny] - php5 <no-dsa> (Minor issue)
 CVE-2010-1916 (The dynamic configuration feature in Xinha WYSIWYG editor 0.96 Beta 2 ...)
-	TODO: check the embedded copies
+	- serendipity 1.5.3-1
+	[lenny] - serendipity <not-affected> (Only affects >= 1.4)
+	TODO: check the embedded copies of Xinha
 CVE-2010-1915 (The preg_quote function in PHP 5.2 through 5.2.13 and 5.3 through ...)
 	- php5 <unfixed> (unimportant)
 CVE-2010-1914 (The Zend Engine in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows ...)
@@ -748,9 +755,6 @@
 	RESERVED
 	- mysql-server-5.1 5.1.47-1 (bug #582526)
 	- mysql-dfsg-5.0 <removed>
-CVE-2010-XXXX [serendipity xinha issue]
-	- serendipity 1.5.3-1
-	[lenny] - serendipity <not-affected> (Only affects >= 1.4)
 CVE-2010-XXXX [wicd changes permissions of resolv.conf]
 	- wicd 1.7.0+ds1-3 (low; bug #582798)
 CVE-2010-1849 [DoS through oversized packets]

More information about the Secure-testing-commits mailing list