[Secure-testing-commits] r14931 - data/CVE

Moritz Muehlenhoff jmm-guest at alioth.debian.org
Wed Jun 30 07:00:57 UTC 2010 

Author: jmm-guest
Date: 2010-06-30 07:00:44 +0000 (Wed, 30 Jun 2010)
New Revision: 14931

Modified:
   data/CVE/list
Log:
- cups fixed
- adobe reader NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-06-30 00:05:14 UTC (rev 14930)
+++ data/CVE/list	2010-06-30 07:00:44 UTC (rev 14931)
@@ -182,7 +182,7 @@
 CVE-2010-2432 (The cupsDoAuthentication function in auth.c in the client in CUPS ...)
 	- cups <unfixed>
 CVE-2010-2431 (The cupsFileOpen function in CUPS before 1.4.4 allows local users, ...)
-	- cups <unfixed>
+	- cups 1.4.4-1
 CVE-2010-2430
 	RESERVED
 CVE-2010-2429 (Cross-site scripting (XSS) vulnerability in Splunk 4.0 through 4.1.2, ...)
@@ -718,28 +718,39 @@
 	RESERVED
 CVE-2010-2212
 	RESERVED
+	NOT-FOR-US: Adobe Reader
 CVE-2010-2211
 	RESERVED
+	NOT-FOR-US: Adobe Reader
 CVE-2010-2210
 	RESERVED
+	NOT-FOR-US: Adobe Reader
 CVE-2010-2209
 	RESERVED
+	NOT-FOR-US: Adobe Reader
 CVE-2010-2208
 	RESERVED
+	NOT-FOR-US: Adobe Reader
 CVE-2010-2207
 	RESERVED
+	NOT-FOR-US: Adobe Reader
 CVE-2010-2206
 	RESERVED
+	NOT-FOR-US: Adobe Reader
 CVE-2010-2205
 	RESERVED
+	NOT-FOR-US: Adobe Reader
 CVE-2010-2204
 	RESERVED
 CVE-2010-2203
 	RESERVED
+	NOT-FOR-US: Adobe Reader
 CVE-2010-2202
 	RESERVED
+	NOT-FOR-US: Adobe Reader
 CVE-2010-2201
 	RESERVED
+	NOT-FOR-US: Adobe Reader
 CVE-2010-2200
 	RESERVED
 CVE-2010-2199 (lib/fsm.c in RPM 4.8.0 and earlier does not properly reset the ...)
@@ -820,6 +831,7 @@
 	NOT-FOR-US: Adobe Flash
 CVE-2010-2168
 	RESERVED
+	NOT-FOR-US: Adobe Reader
 CVE-2010-2167 (Multiple heap-based buffer overflows in Adobe Flash Player before ...)
 	NOT-FOR-US: Adobe Flash
 CVE-2010-2166 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and ...)
@@ -1921,7 +1933,7 @@
 	NOTE: https://bugs.webkit.org/show_bug.cgi?id=38625
 	NOTE: http://trac.webkit.org/changeset/45941
 CVE-2010-1748 (The cgi_initialize_string function in cgi-bin/var.c in the web ...)
-	- cups <unfixed>
+	- cups 1.4.4-1
 CVE-2010-1747
 	RESERVED
 CVE-2010-1746 (Multiple cross-site scripting (XSS) vulnerabilities in the Table JX ...)
@@ -3269,6 +3281,7 @@
 	NOT-FOR-US: Adobe Photoshop CS4
 CVE-2010-1295
 	RESERVED
+	NOT-FOR-US: Adobe Reader
 CVE-2010-1294 (Unspecified vulnerability in Adobe ColdFusion 8.0, 8.0.1, and 9.0 ...)
 	NOT-FOR-US: Adobe ColdFusion
 CVE-2010-1293 (Cross-site scripting (XSS) vulnerability in the Administrator page in ...)
@@ -3289,6 +3302,7 @@
 	NOT-FOR-US: Adobe Shockwave Player
 CVE-2010-1285
 	RESERVED
+	NOT-FOR-US: Adobe Reader
 CVE-2010-1284 (Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a ...)
 	NOT-FOR-US: Adobe Shockwave Player
 CVE-2010-1283 (Adobe Shockwave Player before 11.5.7.609 does not properly parse 3D ...)
@@ -5584,12 +5598,12 @@
 CVE-2010-0543 (ImageIO in Apple Mac OS X 10.5.8, and 10.6 before 10.6.2, allows ...)
 	NOT-FOR-US: Apple Mac OS X
 CVE-2010-0542 (The _WriteProlog function in texttops.c in texttops in the Text Filter ...)
-	- cups <unfixed>
+	- cups 1.4.4-1
 CVE-2010-0541 (Cross-site scripting (XSS) vulnerability in the WEBrick HTTP server in ...)
 	- libwebapp-ruby <undetermined>
 	TODO: check
 CVE-2010-0540 (Cross-site request forgery (CSRF) vulnerability in the web interface ...)
-	- cups <unfixed>
+	- cups 1.4.4-1
 CVE-2010-0539 (Integer signedness error in the window drawing implementation in Apple ...)
 	NOT-FOR-US: Apple Java
 CVE-2010-0538 (Apple Java for Mac OS X 10.5 before Update 7 and Java for Mac OS X ...)

More information about the Secure-testing-commits mailing list