[Secure-testing-commits] r14291 - data/CVE
Michael Gilbert
gilbert-guest at alioth.debian.org
Thu Mar 18 03:28:57 UTC 2010
Author: gilbert-guest
Date: 2010-03-18 03:28:57 +0000 (Thu, 18 Mar 2010)
New Revision: 14291
Modified:
data/CVE/list
Log:
more new issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-03-18 02:57:40 UTC (rev 14290)
+++ data/CVE/list 2010-03-18 03:28:57 UTC (rev 14291)
@@ -722,12 +722,28 @@
RESERVED
CVE-2010-0735
RESERVED
-CVE-2010-0734
+CVE-2010-0734 [curl issue]
RESERVED
-CVE-2010-0733
+ - curl <undetermined>
+ NOTE: only affected when automatic decompression set, which is off by default upstream
+ NOTE: http://www.openwall.com/lists/oss-security/2010/03/16/11
+ TODO: check
+CVE-2010-0733 [postgresql integer overflow]
RESERVED
-CVE-2010-0732
+ - postgresql-7.4 <undetermined>
+ - postgresql-8.1 <undetermined>
+ - postgresql-8.2 <undetermined>
+ - postgresql-8.3 <undetermined>
+ - postgresql-8.4 <undetermined>
+ TODO: check
+CVE-2010-XXXX [bozohttpd DoS on incomplete requests]
+CVE-2010-0732 [gnome-screensaver always unlocks after five failed attempts]
RESERVED
+ - gtk+2.0 2.18.5-1
+ [lenny] - gtk+2.0 <not-affected> (issue only exposed by gnome-screensaver 2.28)
+ [etch] - gtk+2.0 <not-affected> (issue only exposed by gnome-screensaver 2.28)
+ NOTE: http://osvdb.org/show/osvdb/61203
+ NOTE: http://www.openwall.com/lists/oss-security/2010/02/12/1
CVE-2010-0731
RESERVED
CVE-2010-0730
@@ -1017,10 +1033,6 @@
- pyfribidi 0.10.0-2 (bug #570068)
CVE-2010-XXXX [phpbb3 weak captcha]
- phpbb3 <unfixed> (unimportant; bug #570011)
-CVE-2010-XXXX [screensavers unlocked via enter key]
- - gnome-screensaver <undetermined>
- [lenny] - gnome-screensaver <not-affected> (Vulnerable code not present)
- NOTE: http://www.openwall.com/lists/oss-security/2010/02/12/1
CVE-2010-0634 (Unspecified vulnerability in Fast Lexical Analyzer Generator (flex) ...)
- flex 2.5.35-1
CVE-2010-0629
@@ -1746,11 +1758,6 @@
[lenny] - maradns <no-dsa> (minor issue)
[etch] - maradns <not-affected> (vulnerable code introduced in 1.3.03)
NOTE: http://maradns.org/download/maradns-1.4.02-parse_segfault.patch
-CVE-2010-XXXX [gnome-screensaver always unlocks after five failed attempts]
- - gtk+2.0 2.18.5-1
- [lenny] - gtk+2.0 <not-affected> (issue only exposed by gnome-screensaver 2.28)
- [etch] - gtk+2.0 <not-affected> (issue only exposed by gnome-screensaver 2.28)
- NOTE: http://osvdb.org/show/osvdb/61203
CVE-2010-XXXX [sqlite: info leak]
- sqlite3 3.6.21-1 (low; bug #566326)
[lenny] - sqlite3 <no-dsa> (Minor information leak)
@@ -3390,8 +3397,9 @@
NOTE: proxy situations, the backend server is usually trusted, anyway.
CVE-2010-0009
RESERVED
-CVE-2010-0008
+CVE-2010-0008 [linux-2.6 sctp remote denial-of-service]
RESERVED
+ - linux-2.6 2.6.23-1
CVE-2010-0007 (net/bridge/netfilter/ebtables.c in the ebtables module in the ...)
{DSA-2005-1 DSA-2003-1 DSA-1996-1}
- linux-2.6 2.6.32-6
@@ -3515,8 +3523,9 @@
[etch] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.27)
- linux-2.6.24 <not-affected> (vulnerable code introduced in 2.6.27)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=545411
-CVE-2009-4271
+CVE-2009-4271 [linux-2.6: 32-bit processes on 64-bit system kernel panic]
RESERVED
+ - linux-2.6 2.6.18-1
CVE-2009-4270 (Stack-based buffer overflow in the errprintf function in base/gsmisc.c ...)
- ghostscript 8.70~dfsg-2.1 (medium; bug #562643)
CVE-2009-4269
More information about the Secure-testing-commits
mailing list