[Secure-testing-commits] r14937 - data/CVE

Raphael Geissert geissert at alioth.debian.org
Wed Jun 30 19:45:03 UTC 2010 

Author: geissert
Date: 2010-06-30 19:44:50 +0000 (Wed, 30 Jun 2010)
New Revision: 14937

Modified:
   data/CVE/list
Log:
multiple issues CVEified
"new" linux issue


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-06-30 19:09:35 UTC (rev 14936)
+++ data/CVE/list	2010-06-30 19:44:50 UTC (rev 14937)
@@ -1,12 +1,3 @@
-CVE-2010-XXXX [XSS in python mako's escape.cgi]
-	- python-mako <undetermined>
-	TODO: check
-	NOTE: http://bugs.python.org/issue9061
-CVE-2010-XXXX [XSS in paste.httpexceptions]
-	- python-paste 1.7.4-1
-	NOTE: http://bitbucket.org/ianb/paste/changeset/fcae59df8b56
-	NOTE: CVE requested
-	TODO: evaluate
 CVE-2010-2515 (Multiple SQL injection vulnerabilities in index.php in the JFaq ...)
 	NOT-FOR-US: component for Joomla!
 CVE-2010-2514 (Cross-site scripting (XSS) vulnerability in the JFaq (com_jfaq) ...)
@@ -77,16 +68,21 @@
 	RESERVED
 CVE-2010-2481
 	RESERVED
-CVE-2010-2480
+CVE-2010-2480 [XSS in python mako's escape.cgi]
 	RESERVED
-CVE-2010-2479
+	- python-mako <undetermined>
+	TODO: check
+	NOTE: http://bugs.python.org/issue9061
+CVE-2010-2478 [kernel buffer overflow in ETHTOOL_GRXCLSRLALL]
 	RESERVED
-CVE-2010-2478
+	- linux-2.6 <undetermined>
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=608950
+	NOTE: http://thread.gmane.org/gmane.linux.network/164869
+CVE-2010-2477 [XSS in paste.httpexceptions]
 	RESERVED
-CVE-2010-2477
-	RESERVED
-CVE-2010-2476
-	RESERVED
+	- python-paste 1.7.4-1
+	NOTE: http://bitbucket.org/ianb/paste/changeset/fcae59df8b56
+	TODO: evaluate impact
 CVE-2010-2475
 	RESERVED
 CVE-2010-2474
@@ -99,7 +95,8 @@
 	RESERVED
 CVE-2010-2470 (Install/Filesystem.pm in Bugzilla 3.5.1 through 3.6.1 and 3.7 through ...)
 	- bugzilla <not-affected> (Only affects 3.5 to 3.7)
-CVE-2010-XXXX [syscp open_basedir bypassing]
+CVE-2010-2476 [syscp open_basedir bypassing]
+	RESERVED
 	- syscp <unfixed> (bug #587481)
 	NOTE: CVE id requested on oss-sec
 CVE-2010-2469 (The Linear eMerge 50 and 5000 uses a default password of eMerge for ...)
@@ -211,7 +208,8 @@
 	NOT-FOR-US: Sleipnir
 CVE-2008-7257
 	RESERVED
-CVE-2010-XXXX [IE-specific XSS issue]
+CVE-2010-2479 [IE-specific XSS issue]
+	RESERVED
 	- php-htmlpurifier 4.1.1+dfsg1-1
 CVE-2010-2419
 	RESERVED
@@ -633,7 +631,7 @@
 	RESERVED
 CVE-2010-2249 [memory leak in libpng]
 	RESERVED
-	- libpng <unfixed> (low; bug filed)
+	- libpng <unfixed> (low; bug #587670)
 	- freeimage <undetermined> (unimportant)
 	- tuxonice-userui <unfixed> (unimportant)
 	TODO: binNMU tuxonice-userui once libpng is fixed
@@ -3551,7 +3549,7 @@
 	NOTE: Scheduled for next round of Firefox updates (20th July)
 CVE-2010-1205 [memory write out of bounds]
 	RESERVED
-	- libpng <unfixed> (bug filed)
+	- libpng <unfixed> (bug #587670)
 	- freeimage <undetermined> 
 	- tuxonice-userui <unfixed> 
 	TODO: binNMU tuxonice-userui once libpng is fixed

More information about the Secure-testing-commits mailing list