[Secure-testing-commits] r14606 - in data: . CVE

[Moritz Muehlenhoff]

Author: jmm-guest
Date: 2010-05-05 19:42:44 +0000 (Wed, 05 May 2010)
New Revision: 14606

Modified:
   data/CVE/list
   data/spu-candidates.txt
Log:
- libnss-db no-dsa
- remove duplicated theora entry


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-05-05 18:59:40 UTC (rev 14605)
+++ data/CVE/list	2010-05-05 19:42:44 UTC (rev 14606)
@@ -2405,7 +2405,8 @@
 	- texlive-bin <unfixed> (low)
 	[lenny] - texlive-bin <no-dsa> (minor issue)
 CVE-2010-0826 (The Free Software Foundation (FSF) Berkeley DB NSS module (aka ...)
-	- libnss-db <unfixed> (bug #577057)
+	- libnss-db <unfixed> (low; bug #577057)
+	[lenny] - libnss-db <no-dsa> (Minor issue)
 CVE-2010-0825 (lib-src/movemail.c in movemail in emacs 22 and 23 allows local users ...)
 	- emacs21 <removed> (low)
 	[lenny] - emacs21 <no-dsa> (Minor issue)
@@ -3847,14 +3848,6 @@
 	- zope2.11 <removed>
 	- zope2.9 <removed>
 	NOTE: https://mail.zope.org/pipermail/zope-announce/2010-January/002229.html
-CVE-2009-XXXX [theora issues]
-	- xulrunner 1.9.1-1
-	[etch] - xulrunner <not-affected> (theora introduced in 1.9.1)
-	[lenny] - xulrunner <not-affected> (theora introduced in 1.9.1)
-	- libtheora 1.1.1+dfsg.1-3 (medium; bug #572950)
-	[etch] - libtheora <not-affected> (vulnerable code not present)
-	NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=498815
-	NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=498824
 CVE-2010-XXXX [potential sudo vuln]
 	- sudo <undetermined> (low; bug #565223)
 	TODO: check

Modified: data/spu-candidates.txt
===================================================================
--- data/spu-candidates.txt	2010-05-05 18:59:40 UTC (rev 14605)
+++ data/spu-candidates.txt	2010-05-05 19:42:44 UTC (rev 14606)
@@ -217,6 +217,11 @@
 
 --
 
+libnss-db (CVE-2010-0826)
+#577057
+
+--
+
 libpam-ssh (CVE-2009-1273)
 #535877
 maintainer notified through initial bug report, said he would work on an update