[Secure-testing-commits] r16531 - data/CVE

Fri Apr 15 21:15:34 UTC 2011

Author: joeyh
Date: 2011-04-15 21:15:15 +0000 (Fri, 15 Apr 2011)
New Revision: 16531

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2011-04-14 21:15:25 UTC (rev 16530)
+++ data/CVE/list	2011-04-15 21:15:15 UTC (rev 16531)
@@ -1,3 +1,5 @@
+CVE-2011-1691 (The counterToCSSValue function in CSSComputedStyleDeclaration.cpp in ...)
+	TODO: check
 CVE-2011-1690
 	RESERVED
 CVE-2011-1689
@@ -358,12 +360,12 @@
 	RESERVED
 CVE-2011-1534
 	RESERVED
-CVE-2011-1533
-	RESERVED
-CVE-2011-1532
-	RESERVED
-CVE-2011-1531
-	RESERVED
+CVE-2011-1533 (Cross-site scripting (XSS) vulnerability on the HP Photosmart D110 and ...)
+	TODO: check
+CVE-2011-1532 (Unspecified vulnerability in the SNMP component on the HP Photosmart ...)
+	TODO: check
+CVE-2011-1531 (The webscan component in the Embedded Web Server (EWS) on the HP ...)
+	TODO: check
 CVE-2011-1530
 	RESERVED
 CVE-2011-1529
@@ -870,7 +872,7 @@
 	NOT-FOR-US: Internet Explorer
 CVE-2011-1345 (Microsoft Internet Explorer 6, 7, and 8 does not properly handle ...)
 	NOT-FOR-US: Internet Explorer
-CVE-2011-1344 (Unspecified vulnerability in WebKit, as used in Apple Safari 5.0.4 on ...)
+CVE-2011-1344 (Unspecified vulnerability in WebKit, as used in Apple Safari before ...)
 	- chromium-browser <undetermined>
 	- webkit <undetermined>
 CVE-2011-1343 (SQL injection vulnerability in the Web GUI in IBM Tivoli ...)
@@ -1189,7 +1191,7 @@
 	[wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4
 	- webkit <unfixed>
 	NOTE: http://trac.webkit.org/changeset/79476
-CVE-2011-1202 (Unspecified vulnerability in the XSLT implementation in Google Chrome ...)
+CVE-2011-1202 (The xsltGenerateIdFunction function in functions.c in libxslt 1.1.26 ...)
 	- libxslt 1.1.26-7 (bug #617413)
 	NOTE: http://scarybeastsecurity.blogspot.com/2011/03/multi-browser-heap-address-leak-in-xslt.html
 	[squeeze] - libxslt <no-dsa> (minor issue)
@@ -2141,8 +2143,8 @@
 	RESERVED
 CVE-2011-0936
 	RESERVED
-CVE-2011-0935
-	RESERVED
+CVE-2011-0935 (The PKI functionality in Cisco IOS 15.0 and 15.1 does not prevent ...)
+	TODO: check
 CVE-2011-0934
 	RESERVED
 CVE-2011-0933
@@ -2219,12 +2221,12 @@
 	[squeeze] - tsclient <no-dsa> (Minor issue)
 CVE-2011-0899 (The AES encryption module 7.x-1.4 for Drupal leaves certain debugging ...)
 	NOT-FOR-US: AES module for Drupal
-CVE-2011-0898
-	RESERVED
-CVE-2011-0897
-	RESERVED
-CVE-2011-0896
-	RESERVED
+CVE-2011-0898 (Cross-site scripting (XSS) vulnerability in HP Network Node Manager i ...)
+	TODO: check
+CVE-2011-0897 (Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.00 ...)
+	TODO: check
+CVE-2011-0896 (Unspecified vulnerability in HP NFS/ONCplus B.11.31.10 and earlier on ...)
+	TODO: check
 CVE-2011-0895 (Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x ...)
 	NOT-FOR-US: HP Network Node Manager
 CVE-2011-0894 (Unspecified vulnerability in HP Operations 9.10 on UNIX platforms ...)
@@ -3878,8 +3880,7 @@
 	[squeeze] - ftpcopy <no-dsa> (Minor issue)
 	[lenny] - ftpcopy <no-dsa> (Minor issue)
 	NOTE: CVE ID requested
-CVE-2011-0285 [kadmind double free]
-	RESERVED
+CVE-2011-0285 (The process_chpw_request function in schpw.c in the password-changing ...)
 	- krb5 <unfixed> (bug #622681)
 	NOTE: advisory says only 1.7 and greater are affected, but it looks to me like the vulnerable code is in fact present in lenny's 1.6
 CVE-2011-0284 (Double free vulnerability in the prepare_error_as function in ...)


