[Secure-testing-commits] r15544 - in data: . CVE

Moritz Muehlenhoff jmm-guest at alioth.debian.org
Mon Nov 1 18:50:01 UTC 2010 

Author: jmm-guest
Date: 2010-11-01 18:49:59 +0000 (Mon, 01 Nov 2010)
New Revision: 15544

Modified:
   data/CVE/list
   data/problematic-packages
Log:
- new weborf issue, mark package as problematic
- mailscanner no-dsa/unimportant
- vdr, magic++, teamspeak-server fixed


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-11-01 18:49:14 UTC (rev 15543)
+++ data/CVE/list	2010-11-01 18:49:59 UTC (rev 15544)
@@ -1,5 +1,7 @@
 CVE-2010-4121 (** DISPUTED ** The TCP-to-ODBC gateway in IBM Tivoli Provisioning ...)
 	TODO: check
+CVE-2010-XXXX
+	- weborf 0.12.4-1
 CVE-2010-4120 (Multiple cross-site scripting (XSS) vulnerabilities in the TAM console ...)
 	TODO: check
 CVE-2010-4119
@@ -1808,7 +1810,7 @@
 CVE-2010-3394 (The (1) texmacs and (2) tm_mupad_help scripts in TeXmacs 1.0.7.4 place ...)
 	- texmacs 1:1.0.7.4-3 (bug #598424)
 CVE-2010-3393 (magics-config in Magics++ 2.10.0 places a zero-length directory name ...)
-	- magics++ <unfixed> (bug #598418)
+	- magics++ 2.10.0.dfsg-5.1 (bug #598418)
 CVE-2010-3392
 	RESERVED
 CVE-2010-3391
@@ -1820,7 +1822,7 @@
 CVE-2010-3388
 	RESERVED
 CVE-2010-3387 (** DISPUTED ** ...)
-	- vdr <unfixed> (unimportant; bug #598308)
+	- vdr 1.6.0-19.1 (unimportant; bug #598308)
 	NOTE: Only affects a debugging tool, see bug #598308
 CVE-2010-3386 (usttrace in LTTng Userspace Tracer (aka UST) 0.7 places a zero-length ...)
 	- ust 0.7-2.1 (bug #598309)
@@ -1833,7 +1835,7 @@
 CVE-2010-3383 (The (1) teamspeak and (2) teamspeak-server scripts in TeamSpeak 2.0.32 ...)
 	- teamspeak-client <unfixed> (low; bug #598304)
 	[lenny] - teamspeak-client <no-dsa> (Non-free not supported)
-	- teamspeak-server <unfixed> (low; bug #598305)
+	- teamspeak-server 2.0.24.1+debian-1.1 (low; bug #598305)
 	[lenny] - teamspeak-server <no-dsa> (Non-free not supported)
 CVE-2010-3382 (tauex in Tuning and Analysis Utilities (TAU) 2.16.4 places a ...)
 	- tau 2.16.4-1.4 (bug #598303)
@@ -2081,11 +2083,12 @@
 	NOTE: and is distributed gzip-compressed
 CVE-2010-3293 [mailscanner virus updates DoS]
 	RESERVED
-	- mailscanner <unfixed> (bug #596397; low)
+	- mailscanner <unfixed> (bug #596397; unimportant)
 	NOTE: or even unimportant, the script is not used by default
 CVE-2010-3292 [mailscanner may use spoofed data]
 	RESERVED
 	- mailscanner <unfixed> (bug #596396; low)
+	[squeeze] - mailscanner <no-dsa> (Minor issue)
 CVE-2010-3278
 	REJECTED
 CVE-2010-3277 (The installer in VMware Workstation 7.x before 7.1.2 build 301548 and ...)

Modified: data/problematic-packages
===================================================================
--- data/problematic-packages	2010-11-01 18:49:14 UTC (rev 15543)
+++ data/problematic-packages	2010-11-01 18:49:59 UTC (rev 15544)
@@ -15,3 +15,8 @@
 
 libmikmod (Mar 2010)
 maintainer seems MIA, latest upload in 2004
+
+--
+
+weborf (Nov 2010)
+Every new upstream fixes new vulnerabilities, dropped from Squeeze
\ No newline at end of file

More information about the Secure-testing-commits mailing list