[Secure-testing-commits] r15475 - data/CVE
Moritz Muehlenhoff
jmm-guest at alioth.debian.org
Fri Oct 15 09:07:48 UTC 2010
Author: jmm-guest
Date: 2010-10-15 09:07:40 +0000 (Fri, 15 Oct 2010)
New Revision: 15475
Modified:
data/CVE/list
Log:
- freeradius fixed
- linux-2.6 fixed
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-10-14 21:14:51 UTC (rev 15474)
+++ data/CVE/list 2010-10-15 09:07:40 UTC (rev 15475)
@@ -509,7 +509,7 @@
TODO: check
CVE-2010-3705 [sctp out-of-bounds issue]
RESERVED
- - linux-2.6 <unfixed>
+ - linux-2.6 2.6.32-25
CVE-2010-3704
RESERVED
{DSA-2119-1}
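Review bot: The CVE-2010-3705 line is switched to fixed in 2.6.32-25 without any NOTE pointing at the upstream fix, and the id is still RESERVED with only the bracketed summary to identify it. A NOTE line with the upstream commit, as the CVE-2010-3442 entry in this same file has, would let the next person verify the fixed version.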
@@ -542,9 +542,9 @@
CVE-2010-3698
RESERVED
CVE-2010-3697 (The wait_for_child_to_die function in main/event.c in FreeRADIUS 2.1.x ...)
- - freeradius <unfixed> (bug #600176)
+ - freeradius 2.1.10+dfsg-1 (bug #600176)
CVE-2010-3696 (The fr_dhcp_decode function in lib/dhcp.c in FreeRADIUS 2.1.9, in ...)
- - freeradius <unfixed> (bug #600176)
+ - freeradius 2.1.10+dfsg-1 (bug #600176)
[lenny] - freeradius <not-affected> (Vulnerable code not present)
CVE-2010-3695 [XSS vulnerability in the Fetchmail configuration]
RESERVED
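Review bot: CVE-2010-3697 gets a fixed version here but no [lenny] line, while CVE-2010-3696 directly below it has `[lenny] - freeradius <not-affected> (Vulnerable code not present)`. The description limits the issue to FreeRADIUS 2.1.x, so please record lenny's status explicitly for CVE-2010-3697 as well, either as not-affected or as an open item.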
@@ -857,7 +857,7 @@
CVE-2010-3478
RESERVED
CVE-2010-3477 (The tcf_act_police_dump function in net/sched/act_police.c in the ...)
- - linux-2.6 <unfixed>
+ - linux-2.6 2.6.32-25
CVE-2010-3600
RESERVED
CVE-2010-3599
@@ -1228,7 +1228,7 @@
[squeeze] - quassel 0.6.3-1
NOTE: https://bugs.launchpad.net/ubuntu/+source/quassel/+bug/629774
CVE-2010-3442 (Multiple integer overflows in the snd_ctl_new function in ...)
- - linux-2.6 <unfixed>
+ - linux-2.6 2.6.32-25
NOTE: http://git.kernel.org/?p=linux/kernel/git/tiwai/sound-2.6.git;a=commitdiff;h=5591bf07225523600450edd9e6ad258bb877b779
CVE-2010-3441
RESERVED
@@ -1246,7 +1246,7 @@
- libpoe-component-irc-perl 6.32+dfsg-1
[lenny] - libpoe-component-irc-perl 5.84+dfsg-1+lenny1 (bug #581194)
CVE-2010-3437 (Integer signedness error in the pkt_find_dev_from_minor function in ...)
- - linux-2.6 <unfixed>
+ - linux-2.6 2.6.32-25
CVE-2010-3436 [open_basedir bypass]
RESERVED
- php5 <unfixed> (unimportant)
@@ -1618,7 +1618,7 @@
- freetype 2.4.0-1
NOTE: Only the 2.3.x series is affected
CVE-2010-3310 (Multiple integer signedness errors in net/rose/af_rose.c in the Linux ...)
- - linux-2.6 <unfixed>
+ - linux-2.6 2.6.32-25
CVE-2010-3309
RESERVED
CVE-2010-3308 (Buffer overflow in programs/pluto/xauth.c in the client in Openswan ...)
@@ -2237,7 +2237,7 @@
- mednafen 0.8.D-1 (unimportant)
NOTE: Extremely obscure attack vector, marking as unimportant
CVE-2010-3084 (Buffer overflow in the niu_get_ethtool_tcam_all function in ...)
- - linux-2.6 <unfixed>
+ - linux-2.6 2.6.32-25
CVE-2010-3083 (sys/ssl/SslSocket.cpp in qpidd in Apache Qpid, as used in Red Hat ...)
TODO: check
CVE-2010-3082 (Cross-site scripting (XSS) vulnerability in Django 1.2.x before 1.2.2 ...)
@@ -2518,6 +2518,7 @@
RESERVED
CVE-2010-2962
RESERVED
+ - linux-2.6 2.6.32-25
CVE-2010-2961 (mountall.c in mountall before 2.15.2 uses 0666 permissions for the ...)
NOT-FOR-US: mountall
CVE-2010-2960 (The keyctl_session_to_parent function in security/keys/keyctl.c in the ...)
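Review bot: The added `- linux-2.6 2.6.32-25` line under CVE-2010-2962 attaches a fixed version to an entry that has no description at all, only RESERVED. Other reserved ids in this file carry a bracketed summary (for example `CVE-2010-3705 [sctp out-of-bounds issue]`); add one here, plus a NOTE with the upstream reference, so the entry says which kernel issue is being tracked. This is also a new package line rather than an `<unfixed>` to fixed transition, which the log message does not mention.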
@@ -2568,7 +2569,7 @@
CVE-2010-2943 (The xfs implementation in the Linux kernel before 2.6.35 does not look ...)
- linux-2.6 <unfixed>
CVE-2010-2942 (The actions implementation in the network queueing functionality in ...)
- - linux-2.6 <unfixed>
+ - linux-2.6 2.6.32-25
[lenny] - linux-2.6 2.6.26-25
CVE-2010-2941
RESERVED
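Review bot: CVE-2010-2943, in the context just above the change, keeps `- linux-2.6 <unfixed>` while its neighbour CVE-2010-2942 moves to 2.6.32-25. Its description says the xfs issue affects kernels before 2.6.35, so leaving it open looks intended, but please confirm it was checked against the 2.6.32-25 changelog and not simply skipped.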
@@ -3373,7 +3374,7 @@
CVE-2010-2654 (Multiple cross-site scripting (XSS) vulnerabilities on the IBM ...)
NOT-FOR-US: BladeCenter software
CVE-2010-2653 (Race condition in the hvc_close function in drivers/char/hvc_console.c ...)
- - linux-2.6 <unfixed>
+ - linux-2.6 2.6.32-25
CVE-2009-4935 (SQL injection vulnerability in ogp_show.php in Online Guestbook Pro ...)
NOT-FOR-US: Online Guestbook Pro
CVE-2009-4934 (Cross-site scripting (XSS) vulnerability in index.php in Online Photo ...)
@@ -6745,7 +6746,7 @@
{DSA-2053-1}
- linux-2.6 2.6.32-13
CVE-2010-1436 (gfs2 in the Linux kernel 2.6.18, and possibly other versions, does not ...)
- - linux-2.6 <unfixed>
+ - linux-2.6 2.6.32-25
CVE-2010-1435
RESERVED
CVE-2010-1434
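Review bot: The CVE-2010-1436 change records the fix for unstable only; there is no [lenny] line, although the description names kernel 2.6.18 "and possibly other versions" and lenny's kernel is tracked separately elsewhere in this file (`[lenny] - linux-2.6 2.6.26-25` under CVE-2010-2942). Add the lenny status, or a TODO, so the older branch is not read as covered by 2.6.32-25.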