[Secure-testing-commits] r15384 - in data: . CVE

[Moritz Muehlenhoff]

Author: jmm-guest
Date: 2010-09-28 17:51:01 +0000 (Tue, 28 Sep 2010)
New Revision: 15384

Modified:
   data/CVE/list
   data/next-point-update.txt
   data/spu-candidates.txt
Log:
xserver spu upload
new piwigo issue (fixed in squeeze, not in lenny)
record clamav/bzip2 issue


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-09-28 15:10:01 UTC (rev 15383)
+++ data/CVE/list	2010-09-28 17:51:01 UTC (rev 15384)
@@ -7,6 +7,9 @@
 	- xpdf <unfixed>
 	- poppler <unfixed>
 	NOTE: http://secunia.com/advisories/41596/
+CVE-2010-XXXX [piwigo]
+	- piwigo 2.1.2-2
+	NOTE: http://www.exploit-db.com/exploits/14973/
 CVE-2010-XXXX [quassel CTCP DoS]
 	- quassel 0.7.1-1 (bug #597853)
 	NOTE: https://bugs.launchpad.net/ubuntu/+source/quassel/+bug/629774
@@ -8957,6 +8960,8 @@
 	RESERVED
 	{DSA-2112-1}
 	- bzip2 1.0.5-6
+	- clamav 0.96.3+dfsg-1
+	[lenny] - clamav <end-of-life> (No longer supported in Lenny)
 CVE-2010-0404 (Multiple SQL injection vulnerabilities in phpGroupWare (phpgw) before ...)
 	{DSA-2046-1}
 	- phpgroupware 1:0.9.16.016+dfsg-1 (bug #584517)

Modified: data/next-point-update.txt
===================================================================
--- data/next-point-update.txt	2010-09-28 15:10:01 UTC (rev 15383)
+++ data/next-point-update.txt	2010-09-28 17:51:01 UTC (rev 15384)
@@ -6,7 +6,8 @@
 	[lenny] - xen-tools 3.9-4+lenny1
 CVE-2010-2574
 	[lenny] - mantis 1.1.6+dfsg-2lenny2
+CVE-2009-XXXX [xserver-xorg: inherits user's mask]
+	[lenny] - xorg-server 2:1.4.2-10.lenny3
 CVE-2010-2784
 	[lenny] - kvm 72+dfsg-5~lenny6
 
-

Modified: data/spu-candidates.txt
===================================================================
--- data/spu-candidates.txt	2010-09-28 15:10:01 UTC (rev 15383)
+++ data/spu-candidates.txt	2010-09-28 17:51:01 UTC (rev 15384)
@@ -579,11 +579,6 @@
 
 --
 
-xserver-xorg (no CVE)
-#555308
-
---
-
 ytnef (CVE-2009-3887, CVE-2009-3721)
 notified maintainer