[Secure-testing-commits] r15570 - data/CVE
Moritz Muehlenhoff
jmm-guest at alioth.debian.org
Mon Nov 8 09:29:15 UTC 2010
Author: jmm-guest
Date: 2010-11-08 09:29:05 +0000 (Mon, 08 Nov 2010)
New Revision: 15570
Modified:
data/CVE/list
Log:
- bind9 fixed
- new issues in libvpx and libxml2
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-11-08 02:23:56 UTC (rev 15569)
+++ data/CVE/list 2010-11-08 09:29:05 UTC (rev 15570)
@@ -1,4 +1,6 @@
CVE-2010-XXXX
+ - libvpx <unfixed> (bug #602693)
+CVE-2010-XXXX
- proftpd-dfsg 1.3.3a-5 (bug #602279)
[lenny] - proftpd-dfsg <not-affected> (Introduced in 1.3.2rc3)
CVE-2010-4149
@@ -323,6 +325,7 @@
RESERVED
CVE-2010-4008
RESERVED
+ - libxml2 <unfixed> (bug #602609)
CVE-2010-4007 (Oracle Mojarra uses an encrypted View State without a Message ...)
NOT-FOR-US: Oracle Mojarra
CVE-2010-4006
@@ -914,7 +917,7 @@
- mantis 1.1.8+dfsg-9 (bug #601618)
[lenny] - mantis <no-dsa> (Minor issue)
CVE-2010-3762 (ISC BIND before 9.7.2-P2, when DNSSEC validation is enabled, does not ...)
- - bind9 <unfixed> (bug #599515)
+ - bind9 1:9.7.2.dfsg.P2-1 (bug #599515)
NOTE: http://ftp.isc.org/isc/bind9/9.7.2-P2/RELEASE-NOTES-BIND-9.7.2-P2.html
NOTE: ACL bypass claimed to only affect >=9.7.2: https://lists.isc.org/pipermail/bind-announce/2010-September/000655.html
NOTE: The crash with multiple trust anchors affects 9.6 and is fixed in 9.6-ESV-R2.
More information about the Secure-testing-commits
mailing list