[Secure-testing-commits] r15399 - data/CVE

Moritz Muehlenhoff jmm-guest at alioth.debian.org
Thu Sep 30 09:53:32 UTC 2010


Author: jmm-guest
Date: 2010-09-30 09:53:31 +0000 (Thu, 30 Sep 2010)
New Revision: 15399

Modified:
   data/CVE/list
Log:
- horde bugs
- add source package for ffmpeg in Lenny


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-09-30 09:22:29 UTC (rev 15398)
+++ data/CVE/list	2010-09-30 09:53:31 UTC (rev 15399)
@@ -4,25 +4,21 @@
 	NOTE: http://ftp.isc.org/isc/bind9/9.7.2-P2/RELEASE-NOTES-BIND-9.7.2-P2.html
 	NOTE: ACL bypass claimed to only affect >=9.7.2: https://lists.isc.org/pipermail/bind-announce/2010-September/000655.html
 CVE-2010-XXXX [horde3 XSS and CSRF]
-	- horde3 <unfixed>
-	TODO: check
+	- horde3 <unfixed> (bug #598582)
 	NOTE: http://lists.horde.org/archives/announce/2010/000568.html
 CVE-2010-XXXX [horde dimp XSS]
-	- dimp1 <unfixed>
+	- dimp1 <unfixed> (bug #598583)
 	NOTE: http://lists.horde.org/archives/announce/2010/000561.html
-	TODO: report
 CVE-2010-XXXX [horde imp4 XSS]
-	- imp4 <unfixed>
+	- imp4 <unfixed> (bug #598584)
 	NOTE: http://archives.neohapsis.com/archives/fulldisclosure/2010-09/0379.html
-	TODO: report
 CVE-2010-XXXX [libcloud doesn't verify SSL certificate]
 	- libcloud <unfixed> (bug #598463)
 	TODO: check
 	NOTE: other similar python code should be reviewed
 CVE-2010-XXXX [horde gollem XSS]
-	- gollem <unfixed>
+	- gollem <unfixed> (bug #598585)
 	NOTE: http://bugs.horde.org/ticket/9191
-	TODO: report
 CVE-2010-3688
 	NOT-FOR-US: NetArtMEDIA WebSiteAdmin
 CVE-2010-3684
@@ -640,6 +636,7 @@
 CVE-2010-3429
 	RESERVED
 	- ffmpeg <unfixed>
+	- ffmpeg-debian <removed>
 	TODO: check
 	NOTE: http://www.ocert.org/advisories/ocert-2010-004.html
 CVE-2010-XXXX [mingetty directory traversal]




More information about the Secure-testing-commits mailing list