[Secure-testing-commits] r14365 - data/CVE

Joey Hess joeyh at alioth.debian.org
Wed Mar 31 09:15:12 UTC 2010 

Author: joeyh
Date: 2010-03-31 09:15:04 +0000 (Wed, 31 Mar 2010)
New Revision: 14365

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-03-31 08:51:01 UTC (rev 14364)
+++ data/CVE/list	2010-03-31 09:15:04 UTC (rev 14365)
@@ -1002,6 +1002,7 @@
 	RESERVED
 CVE-2010-0828 [moin despam action xss]
 	RESERVED
+	{DSA-2024-1}
 	- moin <unfixed> (low; bug #575995)
 CVE-2010-0827
 	RESERVED
@@ -1245,7 +1246,7 @@
 	RESERVED
 CVE-2010-0741 [linux-2.6: virtio dos]
 	RESERVED
-        - linux-2.6 2.6.26-1
+	- linux-2.6 2.6.26-1
 CVE-2010-0740 (The ssl3_get_record function in ssl/s3_pkt.c in OpenSSL 0.9.8f through ...)
 	- openssl 0.9.8n-1 (medium; bug #575607)
 	[lenny] - openssl <not-affected> (only 0.9.8m is affected with 16 bit shorts)
@@ -2943,6 +2944,7 @@
 CVE-2010-0164 (Use-after-free vulnerability in the ...)
 	TODO: check
 CVE-2010-0163 (Mozilla Thunderbird before 2.0.0.24 and SeaMonkey before 1.1.19 ...)
+	{DSA-2025-1}
 	- icedove <unfixed> (medium)
 CVE-2010-0162 (Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, and ...)
 	{DSA-1999-1}
@@ -7661,7 +7663,7 @@
 	- xulrunner 1.9.0.14-1
 	[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
 CVE-2009-3075 (Multiple unspecified vulnerabilities in the JavaScript engine in ...)
-	{DSA-1885-1}
+	{DSA-2025-1 DSA-1885-1}
 	- xulrunner 1.9.0.14-1
 	- icedove <unfixed>
 	[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
@@ -7674,7 +7676,7 @@
 	[lenny] - xulrunner <not-affected> (Only affects Firefox 3.5.x)
 	[etch] - xulrunner <not-affected> (Only affects Firefox 3.5.x)
 CVE-2009-3072 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
-	{DSA-1885-1}
+	{DSA-2025-1 DSA-1885-1}
 	- xulrunner 1.9.0.14-1
 	- icedove <unfixed>
 	[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
@@ -9476,7 +9478,7 @@
 	- poppler 0.12.2-2.1 (low; bug #534680)
 	[etch] - poppler <not-affected> (Vulnerable code not present)
 CVE-2009-2408 (Mozilla Network Security Services (NSS) before 3.12.3, Firefox before ...)
-	{DSA-1874-1}
+	{DSA-2025-1 DSA-1874-1}
 	- nss 3.12.3-1 (medium; bug #539934)  
 	- icedove <unfixed> (medium)
 CVE-2009-2651 (main/rtp.c in Asterisk Open Source 1.6.1 before 1.6.1.2 allows remote ...)
@@ -9979,7 +9981,7 @@
 	- xulrunner 1.9.0.12-1
 	[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
 CVE-2009-2463 (Multiple integer overflows in the (1) PL_Base64Decode and (2) ...)
-	{DSA-1931-1}
+	{DSA-2025-1 DSA-1931-1}
 	- nspr 4.8.2-1
 	- icedove <unfixed>
 	[etch] - nspr <end-of-life> (Mozilla packages from oldstable no longer covered by security support)
@@ -10200,7 +10202,7 @@
 	- jbossas4 4.2.2.GA-1 (bug #562000)
 	[lenny] - jbossas4 <no-dsa> (Contrib not supported)
 CVE-2009-2404 (Heap-based buffer overflow in a regular-expression parser in Mozilla ...)
-	{DSA-1874-1}
+	{DSA-2025-1 DSA-1874-1}
 	- nss 3.12.3-1 (low; bug #539934) 
 	- icedove <unfixed> (low)
 CVE-2009-2403 (Heap-based buffer overflow in SCMPX 1.5.1 allows remote attackers to ...)

More information about the Secure-testing-commits mailing list