[Secure-testing-commits] r14358 - data/CVE
Michael Gilbert
gilbert-guest at alioth.debian.org
Wed Mar 31 03:12:39 UTC 2010
Author: gilbert-guest
Date: 2010-03-31 03:12:35 +0000 (Wed, 31 Mar 2010)
New Revision: 14358
Modified:
data/CVE/list
Log:
new oss-sec issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-03-30 21:14:51 UTC (rev 14357)
+++ data/CVE/list 2010-03-31 03:12:35 UTC (rev 14358)
@@ -1,3 +1,7 @@
+CVE-2010-1188 [linux-2.6: ipv6 skb unexpectedly freed]
+ - linux-2.6 2.6.20-1
+CVE-2010-1187 [linux-2.6: ticp oops]
+ - linux-2.6 <unfixed>
CVE-2010-1185 (Stack-based buffer overflow in serv.exe in SAP MaxDB 7.4.3.32, and ...)
TODO: check
CVE-2010-1184 (The Microsoft wireless keyboard uses XOR encryption with a key derived ...)
@@ -1038,9 +1042,13 @@
- shibboleth-sp2 <unfixed> (low; bug #571631)
[lenny] - shibboleth-sp2 <no-dsa> (Minor issue)
- shibboleth-sp <not-affected> (Vulnerable code not present)
-CVE-2010-XXXX [libesmtp doesn't handle null bytes in commonname]
+CVE-2010-1192 [libesmtp doesn't handle null bytes in commonname]
- libesmtp <unfixed> (bug #572960)
NOTE: http://www.openwall.com/lists/oss-security/2010/03/03/6
+CVE-2010-1193 [libesmtp wildcard handling]
+ - libesmtp <undetermined>
+ NOTE: http://www.openwall.com/lists/oss-security/2010/03/30/10
+ TODO: check
CVE-2010-XXXX [argyll unsafe udev rules]
- argyll <not-affected> (issue with redhat-specific changes to the package)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=560050
@@ -3010,8 +3018,11 @@
RESERVED
CVE-2010-0133
RESERVED
-CVE-2010-0132
+CVE-2010-0132 [viewvc regular expression xss]
RESERVED
+ - viewvc <undetermined>
+ NOTE: http://www.openwall.com/lists/oss-security/2010/03/30/2
+ TODO: check
CVE-2010-0131
RESERVED
CVE-2010-0130
More information about the Secure-testing-commits
mailing list