[Secure-testing-commits] r15399 - data/CVE
Moritz Muehlenhoff
jmm-guest at alioth.debian.org
Thu Sep 30 09:53:32 UTC 2010
Author: jmm-guest
Date: 2010-09-30 09:53:31 +0000 (Thu, 30 Sep 2010)
New Revision: 15399
Modified:
data/CVE/list
Log:
- horde bugs
- add source package for ffmpeg in Lenny
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-09-30 09:22:29 UTC (rev 15398)
+++ data/CVE/list 2010-09-30 09:53:31 UTC (rev 15399)
@@ -4,25 +4,21 @@
NOTE: http://ftp.isc.org/isc/bind9/9.7.2-P2/RELEASE-NOTES-BIND-9.7.2-P2.html
NOTE: ACL bypass claimed to only affect >=9.7.2: https://lists.isc.org/pipermail/bind-announce/2010-September/000655.html
CVE-2010-XXXX [horde3 XSS and CSRF]
- - horde3 <unfixed>
- TODO: check
+ - horde3 <unfixed> (bug #598582)
NOTE: http://lists.horde.org/archives/announce/2010/000568.html
CVE-2010-XXXX [horde dimp XSS]
- - dimp1 <unfixed>
+ - dimp1 <unfixed> (bug #598583)
NOTE: http://lists.horde.org/archives/announce/2010/000561.html
- TODO: report
CVE-2010-XXXX [horde imp4 XSS]
- - imp4 <unfixed>
+ - imp4 <unfixed> (bug #598584)
NOTE: http://archives.neohapsis.com/archives/fulldisclosure/2010-09/0379.html
- TODO: report
CVE-2010-XXXX [libcloud doesn't verify SSL certificate]
- libcloud <unfixed> (bug #598463)
TODO: check
NOTE: other similar python code should be reviewed
CVE-2010-XXXX [horde gollem XSS]
- - gollem <unfixed>
+ - gollem <unfixed> (bug #598585)
NOTE: http://bugs.horde.org/ticket/9191
- TODO: report
CVE-2010-3688
NOT-FOR-US: NetArtMEDIA WebSiteAdmin
CVE-2010-3684
@@ -640,6 +636,7 @@
CVE-2010-3429
RESERVED
- ffmpeg <unfixed>
+ - ffmpeg-debian <removed>
TODO: check
NOTE: http://www.ocert.org/advisories/ocert-2010-004.html
CVE-2010-XXXX [mingetty directory traversal]
More information about the Secure-testing-commits
mailing list