[Secure-testing-commits] r14213 - data/CVE
Moritz Muehlenhoff
jmm-guest at alioth.debian.org
Sun Mar 7 20:29:21 UTC 2010
Author: jmm-guest
Date: 2010-03-07 20:29:21 +0000 (Sun, 07 Mar 2010)
New Revision: 14213
Modified:
data/CVE/list
Log:
- filed bug for libesmtp
- warzone2100 bug not a security issue
- fix drupal6 source name, drupal5 no longer relevant
- record bug for drupal issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-03-07 20:19:00 UTC (rev 14212)
+++ data/CVE/list 2010-03-07 20:29:21 UTC (rev 14213)
@@ -278,22 +278,19 @@
[lenny] - shibboleth-sp2 <no-dsa> (Minor issue)
- shibboleth-sp <not-affected> (Vulnerable code not present)
CVE-2010-XXXX [libesmtp doesn't handle null bytes in commonname]
- - libesmtp <unfixed>
+ - libesmtp <unfixed> (bug filed)
NOTE: http://www.openwall.com/lists/oss-security/2010/03/03/6
- TODO: check
CVE-2010-XXXX [argyll unsafe udev rules]
- argyll <not-affected> (issue with redhat-specific changes to the package)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=560050
CVE-2010-XXXX [warzone2100 stack overflow]
- - warzone2100 <undetermined> (low)
+ - warzone2100 <undetermined> (unimportant)
NOTE: https://bugs.launchpad.net/ubuntu/+source/warzone2100/+bug/520432
NOTE: supposedly fixed in version 2.3
- TODO: check
+ NOTE: Triggered through config files, not a security issue
CVE-2010-XXXX [drupal sa-core-2010-001]
- - drupal-6 <undetermined>
- - drupal-5 <undetermined>
+ - drupal6 <unfixed> (bug #572439)
NOTE: http://drupal.org/node/731710
- TODO: check
CVE-2010-XXXX [linux-ftpd: null ptr dereference]
- linux-ftpd <unfixed>
CVE-2010-XXXX [openssl power supply fluctuation fault-based key disclosure]
More information about the Secure-testing-commits
mailing list