[Secure-testing-commits] r14751 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Tue May 25 09:15:50 UTC 2010
Author: joeyh
Date: 2010-05-25 09:15:36 +0000 (Tue, 25 May 2010)
New Revision: 14751
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-05-25 06:52:17 UTC (rev 14750)
+++ data/CVE/list 2010-05-25 09:15:36 UTC (rev 14751)
@@ -1434,6 +1434,7 @@
CVE-2010-1452
RESERVED
CVE-2010-1451 (The TSB I-TLB load implementation in arch/sparc/kernel/tsb.S in the ...)
+ {DSA-2053-1}
- linux-2.6 2.6.32-10
CVE-2010-1450
RESERVED
@@ -1448,6 +1449,7 @@
- postgresql-8.3 <undetermined>
TODO: check
CVE-2010-1446 (arch/powerpc/mm/fsl_booke_mmu.c in KGDB in the Linux kernel 2.6.30 and ...)
+ {DSA-2053-1}
- linux-2.6 2.6.32-12 (unimportant)
NOTE: KGDB is not currently enabled in debian builds
CVE-2010-1445
@@ -1478,6 +1480,7 @@
CVE-2010-1438 (Web Application Finger Printer (WAFP) 0.01-26c3 uses fixed pathnames ...)
- wafp <itp> (bug #562949)
CVE-2010-1437 (Race condition in the find_keyring_by_name function in ...)
+ {DSA-2053-1}
- linux-2.6 2.6.32-13
CVE-2010-1436 (gfs2 in the Linux kernel 2.6.18, and possibly other versions, does not ...)
- linux-2.6 <unfixed>
@@ -2086,6 +2089,7 @@
CVE-2010-1188 (Use-after-free vulnerability in net/ipv4/tcp_input.c in the Linux ...)
- linux-2.6 2.6.20-1
CVE-2010-1187 (The Transparent Inter-Process Communication (TIPC) functionality in ...)
+ {DSA-2053-1}
- linux-2.6 2.6.32-12
CVE-2010-1185 (Stack-based buffer overflow in serv.exe in SAP MaxDB 7.4.3.32, and ...)
NOT-FOR-US: SAP MaxDB
@@ -2120,6 +2124,7 @@
CVE-2010-1174 (Cisco TFTP Server 1.1 allows remote attackers to cause a denial of ...)
NOT-FOR-US: Cisco TFTP Server
CVE-2010-1173 (The sctp_process_unk_param function in net/sctp/sm_make_chunk.c in the ...)
+ {DSA-2053-1}
- linux-2.6 2.6.32-12
CVE-2010-1172
RESERVED
@@ -2147,6 +2152,7 @@
[lenny] - sudo <not-affected> (ignore_dot default value is off and can't be changed in runtime)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=580441#c3
CVE-2010-1162 (The release_one_tty function in drivers/char/tty_io.c in the Linux ...)
+ {DSA-2053-1}
- linux-2.6 2.6.32-12
CVE-2010-1161 (Race condition in GNU nano before 2.2.4, when run by root to edit a ...)
- nano 2.2.4-1 (low; bug #577817)
@@ -2381,17 +2387,22 @@
CVE-2010-1089 (SQL injection vulnerability in vedi_faq.php in PHP Trouble Ticket 2.2 ...)
NOT-FOR-US: PHP Trouble Ticket
CVE-2010-1088 (fs/namei.c in Linux kernel 2.6.18 through 2.6.34 does not always ...)
+ {DSA-2053-1}
- linux-2.6 2.6.32-10
CVE-2010-1087 (The nfs_wait_on_request function in fs/nfs/pagelist.c in Linux kernel ...)
+ {DSA-2053-1}
- linux-2.6 2.6.32-9 (low)
CVE-2010-1086 (The ULE decapsulation functionality in ...)
+ {DSA-2053-1}
- linux-2.6 2.6.32-10 (low)
CVE-2010-1085 (The azx_position_ok function in hda_intel.c in Linux kernel 2.6.33-rc4 ...)
- linux-2.6 2.6.32-9
[lenny] - linux-2.6 <not-affected> (affected call not present)
CVE-2010-1084 (Linux kernel 2.6.18 through 2.6.33, and possibly other versions, ...)
+ {DSA-2053-1}
- linux-2.6 2.6.32-11
CVE-2010-1083 (The processcompl_compat function in drivers/usb/core/devio.c in Linux ...)
+ {DSA-2053-1}
- linux-2.6 2.6.32-9
CVE-2010-1082 (Multiple directory traversal vulnerabilities in OI.Blogs 1.0.0, when ...)
NOT-FOR-US: OI.Blogs
@@ -3468,6 +3479,7 @@
- samba 2:3.4.7~dfsg-1 (high)
[lenny] - samba <not-affected> (Only affects 3.3.11, 3.4.6 and 3.5.0)
CVE-2010-0727 (The gfs2_lock function in the Linux kernel before ...)
+ {DSA-2053-1}
- linux-2.6 2.6.32-11
CVE-2010-0726 (Cross-site scripting (XSS) vulnerability in the tb-send.rb (TrackBack ...)
{DSA-2009-1}
@@ -5450,6 +5462,7 @@
- linux-2.6.24 <removed> (low)
NOTE: just like CVE-2009-4536 but was reported later
CVE-2009-4537 (drivers/net/r8169.c in the r8169 driver in the Linux kernel 2.6.32.3 ...)
+ {DSA-2053-1}
- linux-2.6 2.6.32-11 (medium; bug #564110)
- linux-2.6.24 <removed> (medium)
CVE-2009-4536 (drivers/net/e1000/e1000_main.c in the e1000 driver in the Linux kernel ...)
More information about the Secure-testing-commits
mailing list