[Secure-testing-commits] r14874 - in data: . CVE
Moritz Muehlenhoff
jmm-guest at alioth.debian.org
Tue Jun 15 22:07:45 UTC 2010
Author: jmm-guest
Date: 2010-06-15 22:07:45 +0000 (Tue, 15 Jun 2010)
New Revision: 14874
Modified:
data/CVE/list
data/spu-candidates.txt
Log:
- new minor w3m issue
- notified maintainer on pyftpd spu upload, he's preparing one
- deluge of new webkit issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-06-15 21:14:24 UTC (rev 14873)
+++ data/CVE/list 2010-06-15 22:07:45 UTC (rev 14874)
@@ -547,14 +547,19 @@
RESERVED
CVE-2010-2075 (UnrealIRCd 3.2.8.1, as distributed on certain mirror sites from ...)
TODO: check
-CVE-2010-2074
+CVE-2010-2074 [w3m NULL byte in SSL cert]
RESERVED
+ - w3m <unfixed> (low)
+ [lenny] - w3m <no-dsa> (Minor issue)
+ TODO: File bug
CVE-2010-2073 [pyftpd default user accounts]
RESERVED
- - pyftpd <unfixed> (bug #585776)
+ - pyftpd <unfixed> (low; bug #585776)
+ [lenny] - pyftpd <no-dsa> (Minor issue)
CVE-2010-2072 [pyftpd insecure temp file]
RESERVED
- - pyftpd <unfixed> (bug #585773)
+ - pyftpd <unfixed> (low; bug #585773)
+ [lenny] - pyftpd <no-dsa> (Minor issue)
CVE-2010-2071
RESERVED
CVE-2010-2070
@@ -1749,13 +1754,13 @@
CVE-2010-1574
RESERVED
CVE-2010-1573 (Linksys WAP54Gv3 firmware 3.04.03 and earlier uses a hard-coded ...)
- TODO: check
+ NOT-FOR-US: Linksys firmware
CVE-2010-1572 (Unspecified vulnerability in the tech support diagnostic shell in ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2010-1571 (Directory traversal vulnerability in the bootstrap service in Cisco ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2010-1570 (The computer telephony integration (CTI) server component in Cisco ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2010-1569
RESERVED
CVE-2010-1568 (The Send Secure functionality in the Cisco IronPort Desktop Flag ...)
@@ -2253,85 +2258,85 @@
CVE-2010-1424 (Unspecified vulnerability in JustSystems Ichitaro and Ichitaro ...)
NOT-FOR-US: JustSystems Ichitaro and Ichitaro Government
CVE-2010-1422 (WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and ...)
- TODO: check
+ - webkit <undetermined>
CVE-2010-1421 (The execCommand JavaScript function in WebKit in Apple Safari before ...)
- TODO: check
+ - webkit <undetermined>
CVE-2010-1420
RESERVED
CVE-2010-1419 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on ...)
- TODO: check
+ - webkit <undetermined>
CVE-2010-1418 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...)
- TODO: check
+ - webkit <undetermined>
CVE-2010-1417 (The Cascading Style Sheets (CSS) implementation in WebKit in Apple ...)
- TODO: check
+ - webkit <undetermined>
CVE-2010-1416 (WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and ...)
- TODO: check
+ - webkit <undetermined>
CVE-2010-1415 (WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and ...)
- TODO: check
+ - webkit <undetermined>
CVE-2010-1414 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on ...)
- TODO: check
+ - webkit <undetermined>
CVE-2010-1413 (WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and ...)
- TODO: check
+ - webkit <undetermined>
CVE-2010-1412 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on ...)
- TODO: check
+ - webkit <undetermined>
CVE-2010-1411 [tiff heap overflow]
RESERVED
- tiff <undetermined>
TODO: check
CVE-2010-1410 (WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and ...)
- TODO: check
+ - webkit <undetermined>
CVE-2010-1409 (Incomplete blacklist vulnerability in WebKit in Apple Safari before ...)
- TODO: check
+ - webkit <undetermined>
CVE-2010-1408 (WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and ...)
- TODO: check
+ - webkit <undetermined>
CVE-2010-1407
RESERVED
CVE-2010-1406 (WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and ...)
- TODO: check
+ - webkit <undetermined>
CVE-2010-1405 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on ...)
- TODO: check
+ - webkit <undetermined>
CVE-2010-1404 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on ...)
- TODO: check
+ - webkit <undetermined>
CVE-2010-1403 (WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and ...)
- TODO: check
+ - webkit <undetermined>
CVE-2010-1402 (Double free vulnerability in WebKit in Apple Safari before 5.0 on Mac ...)
- TODO: check
+ - webkit <undetermined>
CVE-2010-1401 (Use-after-free vulnerability in the Cascading Style Sheets (CSS) ...)
- TODO: check
+ - webkit <undetermined>
CVE-2010-1400 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on ...)
- TODO: check
+ - webkit <undetermined>
CVE-2010-1399 (WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and ...)
- TODO: check
+ - webkit <undetermined>
CVE-2010-1398 (WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and ...)
- TODO: check
+ - webkit <undetermined>
CVE-2010-1397 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on ...)
- TODO: check
+ - webkit <undetermined>
CVE-2010-1396 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on ...)
- TODO: check
+ - webkit <undetermined>
CVE-2010-1395 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...)
- TODO: check
+ - webkit <undetermined>
CVE-2010-1394 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...)
- TODO: check
+ - webkit <undetermined>
CVE-2010-1393 (The Cascading Style Sheets (CSS) implementation in WebKit in Apple ...)
- TODO: check
+ - webkit <undetermined>
CVE-2010-1392 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on ...)
- TODO: check
+ - webkit <undetermined>
CVE-2010-1391 (Multiple directory traversal vulnerabilities in the (a) Local Storage ...)
- TODO: check
+ - webkit <undetermined>
CVE-2010-1390 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...)
- TODO: check
+ - webkit <undetermined>
CVE-2010-1389 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...)
- TODO: check
+ - webkit <undetermined>
CVE-2010-1388 (WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6, and ...)
- TODO: check
+ - webkit <undetermined>
CVE-2010-1387
RESERVED
CVE-2010-1386
RESERVED
CVE-2010-1385 (Use-after-free vulnerability in Apple Safari before 5.0 on Mac OS X ...)
- TODO: check
+ - webkit <undetermined>
CVE-2010-1384 (Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and ...)
- TODO: check
+ - webkit <undetermined>
CVE-2010-1383
RESERVED
CVE-2010-1382
Modified: data/spu-candidates.txt
===================================================================
--- data/spu-candidates.txt 2010-06-15 21:14:24 UTC (rev 14873)
+++ data/spu-candidates.txt 2010-06-15 22:07:45 UTC (rev 14874)
@@ -327,6 +327,12 @@
--
+pyftpd (CVE-2010-2072, CVE-2010-2073)
+bug #585776, #585773
+notified maintainer
+
+--
+
squid (CVE-2009-0801)
#521053
notified maintainer
@@ -480,6 +486,10 @@
--
+w3m (CVE-2010-2074)
+
+--
+
webkit (CVE-2008-4724)
#520052
asked maintainer
More information about the Secure-testing-commits
mailing list