[Secure-testing-commits] r14195 - data/CVE

Pedro Ribeiro pedrib-guest at alioth.debian.org
Sat Mar 6 16:08:57 UTC 2010


Author: pedrib-guest
Date: 2010-03-06 16:08:54 +0000 (Sat, 06 Mar 2010)
New Revision: 14195

Modified:
   data/CVE/list
Log:
NFUs: IBM Lotus iNotes, Safari, Windows.
unaffected kdebase on kscreensaver vulnerability


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-03-05 21:14:40 UTC (rev 14194)
+++ data/CVE/list	2010-03-06 16:08:54 UTC (rev 14195)
@@ -1,21 +1,22 @@
 CVE-2010-0925 (cfnetwork.dll 1.450.5.0 in CFNetwork, as used by safari.exe 531.21.10 ...)
-	TODO: check
+	NOT-FOR-US: Apple Safari
 CVE-2010-0924 (cfnetwork.dll 1.450.5.0 in CFNetwork, as used by safari.exe 531.21.10 ...)
-	TODO: check
+	NOT-FOR-US: Apple Safari
 CVE-2010-0923 (Race condition in workspace/krunner/lock/lockdlg.cc in the KRunner ...)
-	TODO: check
+	- kdebase <not-affected> (only version 4.4.0 is affected, not present in Debian)
+	NOTE: version 4.4.1 is ready, check if 4.4.0 is not uploaded in the meantime
 CVE-2010-0922 (Unspecified vulnerability in secldapclntd in IBM AIX 5.3 with SP ...)
-	TODO: check
+	NOT-FOR-US: IBM AIX
 CVE-2010-0921 (Cross-site request forgery (CSRF) vulnerability in IBM Lotus iNotes ...)
-	TODO: check
+	NOT-FOR-US: IBM Lotus iNotes/IBM Domino Web Access
 CVE-2010-0920 (Cross-site scripting (XSS) vulnerability in IBM Lotus iNotes (aka ...)
-	TODO: check
+	NOT-FOR-US: IBM Lotus iNotes/IBM Domino Web Access
 CVE-2010-0919 (Stack-based buffer overflow in the Lotus Domino Web Access ActiveX ...)
-	TODO: check
+	NOT-FOR-US: IBM Lotus iNotes/IBM Domino Web Access
 CVE-2010-0918 (Multiple unspecified vulnerabilities in the UltraLite functionality in ...)
-	TODO: check
+	NOT-FOR-US: IBM Lotus iNotes/IBM Domino Web Access
 CVE-2010-0917 (Stack-based buffer overflow in VBScript in Microsoft Windows 2000 SP4, ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Windows
 CVE-2010-0916
 	RESERVED
 CVE-2010-0915




More information about the Secure-testing-commits mailing list