[Secure-testing-commits] r15495 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Thu Oct 21 21:14:52 UTC 2010
Author: joeyh
Date: 2010-10-21 21:14:45 +0000 (Thu, 21 Oct 2010)
New Revision: 15495
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-10-21 16:40:58 UTC (rev 15494)
+++ data/CVE/list 2010-10-21 21:14:45 UTC (rev 15495)
@@ -1,3 +1,37 @@
+CVE-2010-4022
+ RESERVED
+CVE-2010-4021
+ RESERVED
+CVE-2010-4020
+ RESERVED
+CVE-2010-4019
+ RESERVED
+CVE-2010-4018
+ RESERVED
+CVE-2010-4017
+ RESERVED
+CVE-2010-4016
+ RESERVED
+CVE-2010-4015
+ RESERVED
+CVE-2010-4014
+ RESERVED
+CVE-2010-4013
+ RESERVED
+CVE-2010-4012
+ RESERVED
+CVE-2010-4011
+ RESERVED
+CVE-2010-4010
+ RESERVED
+CVE-2010-4009
+ RESERVED
+CVE-2010-4008
+ RESERVED
+CVE-2010-4007 (Oracle Mojarra uses an encrypted View State without a Message ...)
+ TODO: check
+CVE-2010-4006
+ RESERVED
CVE-2010-4005
RESERVED
CVE-2010-4004
@@ -1534,11 +1568,9 @@
NOT-FOR-US: Kingsoft Antivirus
CVE-2010-3395
RESERVED
-CVE-2010-3394
- RESERVED
+CVE-2010-3394 (The (1) texmacs and (2) tm_mupad_help scripts in TeXmacs 1.0.7.4 place ...)
- texmacs 1:1.0.7.4-3 (bug #598424)
-CVE-2010-3393
- RESERVED
+CVE-2010-3393 (magics-config in Magics++ 2.10.0 places a zero-length directory name ...)
- magics++ <unfixed> (bug #598418)
CVE-2010-3392
RESERVED
@@ -1546,37 +1578,29 @@
RESERVED
CVE-2010-3390
RESERVED
-CVE-2010-3389
- RESERVED
+CVE-2010-3389 (The (1) SAPDatabase and (2) SAPInstance scripts in OCF Resource Agents ...)
- cluster-agents <unfixed> (bug #598549)
CVE-2010-3388
RESERVED
-CVE-2010-3387
- RESERVED
+CVE-2010-3387 (** DISPUTED ** ...)
- vdr 1.6.0-18.1 (unimportant; bug #598308)
NOTE: Only affects a debugging tool, see bug #598308
-CVE-2010-3386
- RESERVED
+CVE-2010-3386 (usttrace in LTTng Userspace Tracer (aka UST) 0.7 places a zero-length ...)
- ust <unfixed> (bug #598309)
-CVE-2010-3385
- RESERVED
+CVE-2010-3385 (TuxGuitar 1.2 places a zero-length directory name in the ...)
- tuxguitar 1.2-7 (bug #598307)
[lenny] - tuxguitar <no-dsa> (Minor issue)
-CVE-2010-3384
- RESERVED
+CVE-2010-3384 (The (1) torcs, (2) nfsperf, (3) accc, (4) texmapper, (5) trackgen, and ...)
- torcs 1.3.1-5 (bug #598306)
[lenny] - torcs <no-dsa> (Minor issue)
-CVE-2010-3383
- RESERVED
+CVE-2010-3383 (The (1) teamspeak and (2) teamspeak-server scripts in TeamSpeak 2.0.32 ...)
- teamspeak-client <unfixed> (low; bug #598304)
[lenny] - teamspeak-client <no-dsa> (Non-free not supported)
- teamspeak-server <unfixed> (low; bug #598305)
[lenny] - teamspeak-server <no-dsa> (Non-free not supported)
-CVE-2010-3382
- RESERVED
+CVE-2010-3382 (tauex in Tuning and Analysis Utilities (TAU) 2.16.4 places a ...)
- tau 2.16.4-1.4 (bug #598303)
-CVE-2010-3381
- RESERVED
+CVE-2010-3381 (The (1) tangerine and (2) tangerine-properties scripts in Tangerine ...)
- tangerine <unfixed> (bug #598302)
CVE-2010-3380 (The (1) init.d/slurm and (2) init.d/slurmdbd scripts in SLURM before ...)
- slurm-llnl <unfixed>
@@ -1584,15 +1608,12 @@
NOTE: http://sourceforge.net/projects/slurm/files//slurm/version_2.1/2.1.14/RELEASE_NOTES_2.1.14/view
CVE-2010-3379
RESERVED
-CVE-2010-3378
- RESERVED
+CVE-2010-3378 (The (1) scilab, (2) scilab-cli, and (3) scilab-adv-cli scripts in ...)
- scilab 5.2.2-8 (bug #598423; bug #598422)
[lenny] - scilab <no-dsa> (Non-free not supported)
-CVE-2010-3377
- RESERVED
+CVE-2010-3377 (The (1) runSalome, (2) runTestMedCorba, (3) runLightSalome, and (4) ...)
- salome <unfixed> (bug #598421)
-CVE-2010-3376
- RESERVED
+CVE-2010-3376 (The (1) proofserv, (2) xrdcp, (3) xrdpwdadmin, and (4) xrd scripts in ...)
- root-system <unfixed> (bug #598420; bug #598419)
CVE-2010-3375
RESERVED
@@ -1609,71 +1630,55 @@
RESERVED
CVE-2010-3370
RESERVED
-CVE-2010-3369
- RESERVED
+CVE-2010-3369 (The (1) mdb and (2) mdb-symbolreader scripts in mono-debugger 2.4.3 ...)
- mono-debugger <unfixed> (bug #598299)
CVE-2010-3368
RESERVED
CVE-2010-3367
RESERVED
-CVE-2010-3366
- RESERVED
+CVE-2010-3366 (Mn_Fit 5.13 places a zero-length directory name in the ...)
- mn-fit <unfixed> (bug #598298)
-CVE-2010-3365
- RESERVED
+CVE-2010-3365 (Mistelix 0.31 places a zero-length directory name in the ...)
- mistelix 0.31-2 (low; bug #598297)
-CVE-2010-3364
- RESERVED
+CVE-2010-3364 (The vips-7.22 script in VIPS 7.22.2 places a zero-length directory ...)
- vips 7.14.5-2 (low; bug #598296)
[lenny] - vips <no-dsa> (Minor issue)
-CVE-2010-3363
- RESERVED
+CVE-2010-3363 (roarify in roaraudio 0.3 places a zero-length directory name in the ...)
- roaraudio 0.3-2 (low; bug #598295)
[lenny] - roaraudio <no-dsa> (Minor issue)
-CVE-2010-3362
- RESERVED
+CVE-2010-3362 (lastfm 1.5.4 places a zero-length directory name in the ...)
- lastfm 1:1.5.4.26862+dfsg-5 (low; bug #598294)
[lenny] - lastfm <no-dsa> (Minor issue)
-CVE-2010-3361
- RESERVED
+CVE-2010-3361 (The (1) iked, (2) ikea, and (3) ikec scripts in Shrew Soft IKE 2.1.5 ...)
- ike 2.1.5+dfsg-2 (low; bug #598292)
[lenny] - ike <no-dsa> (Minor issue)
-CVE-2010-3360
- RESERVED
+CVE-2010-3360 (Hipo 0.6.1 places a zero-length directory name in the LD_LIBRARY_PATH, ...)
- hipo <removed> (bug #598291)
[lenny] - hipo <no-dsa> (Minor issue)
CVE-2010-3359 [gargoyle: insecure library loading]
RESERVED
- gargoyle-free 2009-08-25-2
NOTE: http://groups.google.com/group/garglk-dev/browse_thread/thread/1c92ab6f24d5ebe6
-CVE-2010-3358
- RESERVED
+CVE-2010-3358 (HenPlus JDBC SQL-Shell 0.9.7 places a zero-length directory name in ...)
- henplus <unfixed> (bug #598290)
-CVE-2010-3357
- RESERVED
+CVE-2010-3357 (gnome-subtitles 1.0 places a zero-length directory name in the ...)
- gnome-subtitles 1.0-2 (bug #598289)
CVE-2010-3356
RESERVED
-CVE-2010-3355
- RESERVED
+CVE-2010-3355 (Ember 0.5.7 places a zero-length directory name in the ...)
- ember <unfixed> (bug #598288)
-CVE-2010-3354
- RESERVED
+CVE-2010-3354 (dropboxd in Dropbox 0.7.110 places a zero-length directory name in the ...)
- dropbox 0.8.107-1 (low; bug #598287)
[lenny] - dropbox <no-dsa> (Non-free not supported)
-CVE-2010-3353
- RESERVED
+CVE-2010-3353 (Cowbell 0.2.7.1 places a zero-length directory name in the ...)
- cowbell <unfixed> (bug #598286)
CVE-2010-3352
RESERVED
-CVE-2010-3351
- RESERVED
+CVE-2010-3351 (startBristol in Bristol 0.60.5 places a zero-length directory name in ...)
- bristol 0.60.5-2 (bug #598285)
-CVE-2010-3350
- RESERVED
+CVE-2010-3350 (bareFTP 0.3.4 places a zero-length directory name in the ...)
- bareftp 0.3.4-1.1 (bug #598284)
-CVE-2010-3349
- RESERVED
+CVE-2010-3349 (Ardour 2.8.11 places a zero-length directory name in the ...)
- ardour 1:2.8.11-2 (low; bug #598282)
CVE-2010-3348
RESERVED
@@ -5077,8 +5082,8 @@
CVE-2010-2058 (setup.py in Prewikka 0.9.14 installs prewikka.conf with world-readable ...)
- prewikka 1.0.0-1.1 (low; bug #584469)
[lenny] - prewikka <no-dsa> (The insecure permissions only apply for a very short timeframe during pkg update)
-CVE-2010-2057
- RESERVED
+CVE-2010-2057 (shared/util/StateUtils.java in Apache MyFaces 1.1.x before 1.1.8, ...)
+ TODO: check
CVE-2010-2056 (GNU gv before 3.7.0 allows local users to overwrite arbitrary files ...)
- gv 1:3.7.1-1 (low)
[lenny] - gv <no-dsa> (Minor issue)
@@ -8924,8 +8929,8 @@
RESERVED
CVE-2010-0783
RESERVED
-CVE-2010-0782
- RESERVED
+CVE-2010-0782 (IBM WebSphere MQ 6.x before 6.0.2.10 and 7.x before 7.0.1.3 allows ...)
+ TODO: check
CVE-2010-0781 (Unspecified vulnerability in the administrative console in IBM ...)
NOT-FOR-US: IBM WebSphere Application Server
CVE-2010-0780
More information about the Secure-testing-commits
mailing list