[Secure-testing-commits] r17094 - data/CVE

Joey Hess joeyh at alioth.debian.org
Wed Aug 17 21:14:18 UTC 2011


Author: joeyh
Date: 2011-08-17 21:14:18 +0000 (Wed, 17 Aug 2011)
New Revision: 17094

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2011-08-17 19:13:18 UTC (rev 17093)
+++ data/CVE/list	2011-08-17 21:14:18 UTC (rev 17094)
@@ -1,3 +1,65 @@
+CVE-2011-3169
+	RESERVED
+CVE-2011-3168
+	RESERVED
+CVE-2011-3167
+	RESERVED
+CVE-2011-3166
+	RESERVED
+CVE-2011-3165
+	RESERVED
+CVE-2011-3164
+	RESERVED
+CVE-2011-3163
+	RESERVED
+CVE-2011-3162
+	RESERVED
+CVE-2011-3161
+	RESERVED
+CVE-2011-3160
+	RESERVED
+CVE-2011-3159
+	RESERVED
+CVE-2011-3158
+	RESERVED
+CVE-2011-3157
+	RESERVED
+CVE-2011-3156
+	RESERVED
+CVE-2011-3155
+	RESERVED
+CVE-2011-3154
+	RESERVED
+CVE-2011-3153
+	RESERVED
+CVE-2011-3152
+	RESERVED
+CVE-2011-3151
+	RESERVED
+CVE-2011-3150
+	RESERVED
+CVE-2011-3149
+	RESERVED
+CVE-2011-3148
+	RESERVED
+CVE-2011-3147
+	RESERVED
+CVE-2011-3146
+	RESERVED
+CVE-2011-3145
+	RESERVED
+CVE-2011-3144 (Cross-site scripting (XSS) vulnerability in Control Microsystems ...)
+	TODO: check
+CVE-2011-3143 (Use-after-free vulnerability in Control Microsystems ClearSCADA 2005, ...)
+	TODO: check
+CVE-2011-3142 (Stack-based buffer overflow in an ActiveX control in KVWebSvr.dll in ...)
+	TODO: check
+CVE-2011-3141 (Buffer overflow in the InBatch BatchField ActiveX control for Invensys ...)
+	TODO: check
+CVE-2011-3140 (IBM Web Application Firewall, as used on the G400 IPS-G400-IB-1 and ...)
+	TODO: check
+CVE-2011-3139
+	RESERVED
 CVE-2011-3138 (The LTPA STS module support implementation in IBM Tivoli Federated ...)
 	NOT-FOR-US: Tivoli
 CVE-2011-3137 (Unspecified vulnerability in the Management Console in IBM Tivoli ...)
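Review bot: The five entries added with "TODO: check" (CVE-2011-3144 through CVE-2011-3140) still need triage. Their descriptions name Control Microsystems ClearSCADA, an ActiveX control in KVWebSvr.dll, the Invensys InBatch BatchField ActiveX control and IBM Web Application Firewall, so they look like candidates for the same "NOT-FOR-US:" marking that CVE-2011-3138 carries directly below. Resolve them in a follow-up commit so the TODO markers do not pile up behind the block of RESERVED ids.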
@@ -265,8 +327,8 @@
 	NOTE: Current openarena packages use the share ioquake3 engine
 	[squeeze] - openarena <no-dsa> (Minor issue, will be fixed in point update)
 	- ioquake3 1.36+svn1946-4
-CVE-2011-3011
-	RESERVED
+CVE-2011-3011 (BaseServiceImpl.class in CA ARCserve D2D r15 does not properly handle ...)
+	TODO: check
 CVE-2011-3010
 	RESERVED
 CVE-2011-3009 (Ruby before 1.8.6-p114 does not reset the random seed upon forking, ...)
@@ -380,6 +442,7 @@
 	- iceape <not-affected> (Only affects Firefox >= 4)
 CVE-2011-2984
 	RESERVED
+	{DSA-2296-1 DSA-2295-1}
 	- xulrunner <removed>
 	[lenny] - xulrunner <not-affected> (Only affects Firefox >= 3.5)
 	- iceweasel 6.0-1
@@ -388,6 +451,7 @@
 	[lenny] - iceape <not-affected> (Only a stub package)
 CVE-2011-2983
 	RESERVED
+	{DSA-2296-1 DSA-2295-1}
 	- xulrunner <removed>
 	[lenny] - xulrunner 1.9.0.19-13
 	- iceweasel 6.0-1
@@ -396,6 +460,7 @@
 	[lenny] - iceape <not-affected> (Only a stub package)
 CVE-2011-2982
 	RESERVED
+	{DSA-2296-1 DSA-2295-1}
 	- xulrunner <removed>
 	[lenny] - xulrunner 1.9.0.19-13
 	- iceweasel 6.0-1
@@ -404,6 +469,7 @@
 	[lenny] - iceape <not-affected> (Only a stub package)
 CVE-2011-2981
 	RESERVED
+	{DSA-2296-1 DSA-2295-1}
 	- xulrunner <removed>
 	[lenny] - xulrunner 1.9.0.19-13
 	- iceweasel 6.0-1
@@ -577,8 +643,8 @@
 	- linux-2.6 3.0.0-2
 CVE-2011-2908
 	RESERVED
-CVE-2011-2907
-	RESERVED
+CVE-2011-2907 (Terascale Open-Source Resource and Queue Manager (aka TORQUE Resource ...)
+	TODO: check
 CVE-2011-2906
 	RESERVED
 CVE-2011-2905
@@ -939,12 +1005,12 @@
 	NOT-FOR-US: Parodia
 CVE-2011-2750 (NFRAgent.exe in Novell File Reporter 1.0.4.2 and earlier allows remote ...)
 	NOT-FOR-US: Novell File Reporter
-CVE-2011-2749
-	RESERVED
+CVE-2011-2749 (The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before ...)
 	{DSA-2292-1}
-CVE-2011-2748
-	RESERVED
+	TODO: check
+CVE-2011-2748 (The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before ...)
 	{DSA-2292-1}
+	TODO: check
 CVE-2011-2747 (Google Picasa before 3.6 Build 105.67 does not properly handle invalid ...)
 	NOT-FOR-US: Google Picasa
 CVE-2011-2746
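Review bot: After this hunk CVE-2011-2749 and CVE-2011-2748 each read description, "{DSA-2292-1}", then "TODO: check", with no package line in the visible entry. An entry that already references a DSA should not sit in the generic triage queue. Replace the TODO with the package status lines for the ISC DHCP server named in the description, so the entry records the fixed version instead of only the advisory id.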
@@ -981,8 +1047,7 @@
 	RESERVED
 CVE-2011-2730
 	RESERVED
-CVE-2011-2729 [jsvc does not drop capabilities allowing the application to access files and directories owned by superuser]
-	RESERVED
+CVE-2011-2729 (native/unix/native/jsvc-unix.c in jsvc in the Daemon component 1.0.3 ...)
 	- commons-daemon 1.0.7-1
 	NOTE: According to http://tomcat.apache.org/security-7.html jsvc needs to be build againt libcap to be exploitable
 CVE-2011-2728
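Review bot: The NOTE kept under CVE-2011-2729 says jsvc has to be built against libcap to be exploitable, but the entry only records "- commons-daemon 1.0.7-1" and nothing states whether the packaged build links libcap. Add a NOTE saying so, so that the fixed-version line can be read correctly. The removed bracketed summary also spelled out the impact (capabilities not dropped, access to superuser-owned files), which the truncated description no longer shows; keeping that as a NOTE would preserve it.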
@@ -1647,8 +1712,7 @@
 	NOTE: http://openwall.com/lists/oss-security/2011/06/20/2
 CVE-2011-2482
 	RESERVED
-CVE-2011-2481
-	RESERVED
+CVE-2011-2481 (Apache Tomcat 7.0.x before 7.0.17 permits web applications to replace ...)
 	- tomcat7 7.0.19-1
 CVE-2011-2480 [kfreebsd info disclosure]
 	RESERVED
@@ -1753,8 +1817,8 @@
 	RESERVED
 CVE-2011-2425 (Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and ...)
 	NOT-FOR-US: Adobe Flash Player
-CVE-2011-2424
-	RESERVED
+CVE-2011-2424 (Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and ...)
+	TODO: check
 CVE-2011-2423 (msvcr90.dll in Adobe Shockwave Player before 11.6.1.629 allows remote ...)
 	TODO: check
 CVE-2011-2422 (Textra.x32 in Adobe Shockwave Player before 11.6.1.629 allows remote ...)
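Review bot: CVE-2011-2424 is added with "TODO: check" although its visible description starts identically to CVE-2011-2425 directly above, which is marked "NOT-FOR-US: Adobe Flash Player". Mark it the same way unless the full description points to something else.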
@@ -1841,6 +1905,7 @@
 	TODO: check
 CVE-2011-2378
 	RESERVED
+	{DSA-2296-1 DSA-2295-1}
 	- xulrunner <removed>
 	[lenny] - xulrunner 1.9.0.19-13
 	- iceweasel 6.0-1
@@ -7124,10 +7189,10 @@
 	RESERVED
 CVE-2011-0552
 	RESERVED
-CVE-2011-0551
-	RESERVED
-CVE-2011-0550
-	RESERVED
+CVE-2011-0551 (Cross-site request forgery (CSRF) vulnerability in the Web Interface ...)
+	TODO: check
+CVE-2011-0550 (Multiple cross-site scripting (XSS) vulnerabilities in the Web ...)
+	TODO: check
 CVE-2011-0549 (SQL injection vulnerability in forget.php in the management GUI in ...)
 	NOT-FOR-US: Symantec Web Gateway
 CVE-2011-0548 (Buffer overflow in the Lotus Freelance Graphics PRZ file viewer in ...)
@@ -7195,8 +7260,8 @@
 	RESERVED
 	- puppet 2.6.2-3
 	[lenny] - puppet <not-affected> (Only affects 2.6.x)
-CVE-2011-0527
-	RESERVED
+CVE-2011-0527 (VMware vFabric tc Server (aka SpringSource tc Server) 2.0.x before ...)
+	TODO: check
 CVE-2011-0526 (Cross-site scripting (XSS) vulnerability in index.php in Vanilla ...)
 	NOT-FOR-US: Vanilla Forums
 CVE-2011-0525
@@ -8138,10 +8203,10 @@
 	RESERVED
 CVE-2011-0258
 	RESERVED
-CVE-2011-0257
-	RESERVED
-CVE-2011-0256
-	RESERVED
+CVE-2011-0257 (Integer signedness error in Apple QuickTime before 7.7 allows remote ...)
+	TODO: check
+CVE-2011-0256 (Integer overflow in Apple QuickTime before 7.7 allows remote attackers ...)
+	TODO: check
 CVE-2011-0255 (WebKit, as used in Apple Safari before 5.0.6, allows remote attackers ...)
 	- chromium-browser <undetermined>
 	- webkit <undetermined>
@@ -8600,6 +8665,7 @@
 	- icedove 3.1.11-1
 CVE-2011-0084
 	RESERVED
+	{DSA-2296-1 DSA-2295-1}
 	[lenny] - xulrunner <not-affected> (Only affects Firefox >= 3.6)
 	- iceweasel 6.0-1
 	[lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner from the xulrunner source pkg)



