[Secure-testing-commits] r17098 - data/CVE

Joey Hess joeyh at alioth.debian.org
Fri Aug 19 21:14:18 UTC 2011 

Author: joeyh
Date: 2011-08-19 21:14:18 +0000 (Fri, 19 Aug 2011)
New Revision: 17098

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2011-08-19 06:45:11 UTC (rev 17097)
+++ data/CVE/list	2011-08-19 21:14:18 UTC (rev 17098)
@@ -382,68 +382,58 @@
 	RESERVED
 CVE-2011-2994
 	RESERVED
-CVE-2011-2993
-	RESERVED
+CVE-2011-2993 (The implementation of digital signatures for JAR files in Mozilla ...)
 	- xulrunner <not-affected> (Only affects Firefox >= 4)
 	- iceweasel 6.0-1
 	[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
 	[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
 	- iceape <not-affected> (Only affects Firefox >= 4)
-CVE-2011-2992
-	RESERVED
+CVE-2011-2992 (The Ogg reader in the browser engine in Mozilla Firefox 4.x through 5 ...)
 	- xulrunner <not-affected> (Only affects Firefox >= 4)
 	- iceweasel 6.0-1
 	[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
 	[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
 	- iceape <not-affected> (Only affects Firefox >= 4)
-CVE-2011-2991
-	RESERVED
+CVE-2011-2991 (The browser engine in Mozilla Firefox 4.x through 5 does not properly ...)
 	- xulrunner <not-affected> (Only affects Firefox >= 4)
 	- iceweasel 6.0-1
 	[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
 	[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
 	- iceape <not-affected> (Only affects Firefox >= 4)
-CVE-2011-2990
-	RESERVED
+CVE-2011-2990 (The implementation of Content Security Policy (CSP) violation reports ...)
 	- xulrunner <not-affected> (Only affects Firefox >= 4)
 	- iceweasel 6.0-1
 	[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
 	[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
 	- iceape <not-affected> (Only affects Firefox >= 4)
-CVE-2011-2989
-	RESERVED
+CVE-2011-2989 (The browser engine in Mozilla Firefox 4.x through 5 does not properly ...)
 	- xulrunner <not-affected> (Only affects Firefox >= 4)
 	- iceweasel 6.0-1
 	[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
 	[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
 	- iceape <not-affected> (Only affects Firefox >= 4)
-CVE-2011-2988
-	RESERVED
+CVE-2011-2988 (Buffer overflow in an unspecified string class in the WebGL shader ...)
 	- xulrunner <not-affected> (Only affects Firefox >= 4)
 	- iceweasel 6.0-1
 	[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
 	[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
 	- iceape <not-affected> (Only affects Firefox >= 4)
-CVE-2011-2987
-	RESERVED
+CVE-2011-2987 (Heap-based buffer overflow in Almost Native Graphics Layer Engine ...)
 	- xulrunner <not-affected> (Only affects Firefox >= 4)
 	- iceweasel 6.0-1
 	[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
 	[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
 	- iceape <not-affected> (Only affects Firefox >= 4)
-CVE-2011-2986
-	RESERVED
+CVE-2011-2986 (Mozilla Firefox 4.x through 5, when the Direct2D (aka D2D) API is used ...)
 	- xulrunner <not-affected> (Only affects Windows)
 	- iceweasel <not-affected> (Only affects Windows)
-CVE-2011-2985
-	RESERVED
+CVE-2011-2985 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
 	- xulrunner <not-affected> (Only affects Firefox >= 4)
 	- iceweasel 6.0-1
 	[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
 	[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
 	- iceape <not-affected> (Only affects Firefox >= 4)
-CVE-2011-2984
-	RESERVED
+CVE-2011-2984 (Mozilla Firefox before 3.6.20 does not properly handle the dropping of ...)
 	{DSA-2296-1 DSA-2295-1}
 	- xulrunner <removed>
 	[lenny] - xulrunner <not-affected> (Only affects Firefox >= 3.5)
@@ -451,8 +441,7 @@
 	[lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner from the xulrunner source pkg)
 	- iceape 2.0.14-5
 	[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2011-2983
-	RESERVED
+CVE-2011-2983 (Mozilla Firefox before 3.6.20 does not properly handle the ...)
 	{DSA-2296-1 DSA-2295-1}
 	- xulrunner <removed>
 	[lenny] - xulrunner 1.9.0.19-13
@@ -460,8 +449,7 @@
 	[lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner from the xulrunner source pkg)
 	- iceape 2.0.14-5
 	[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2011-2982
-	RESERVED
+CVE-2011-2982 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
 	{DSA-2296-1 DSA-2295-1}
 	- xulrunner <removed>
 	[lenny] - xulrunner 1.9.0.19-13
@@ -469,8 +457,7 @@
 	[lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner from the xulrunner source pkg)
 	- iceape 2.0.14-5
 	[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2011-2981
-	RESERVED
+CVE-2011-2981 (The event-management implementation in Mozilla Firefox before 3.6.20 ...)
 	{DSA-2296-1 DSA-2295-1}
 	- xulrunner <removed>
 	[lenny] - xulrunner 1.9.0.19-13
@@ -478,8 +465,7 @@
 	[lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner from the xulrunner source pkg)
 	- iceape 2.0.14-5
 	[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2011-2980
-	RESERVED
+CVE-2011-2980 (Untrusted search path vulnerability in the ThinkPadSensor::Startup ...)
 	- xulrunner <not-affected> (Only affects Windows)
 	- iceweasel <not-affected> (Only affects Windows)
 CVE-2011-2979 (Bugzilla 4.1.x before 4.1.3 generates different responses for certain ...)
@@ -542,28 +528,28 @@
 	- rtkit 0.10-2
 CVE-2011-XXXX [minissdpd multiple issues]
 	- minisspdp 1.0.20110729-1 (bug #635836)
-CVE-2011-2955
-	RESERVED
-CVE-2011-2954
-	RESERVED
-CVE-2011-2953
-	RESERVED
-CVE-2011-2952
-	RESERVED
-CVE-2011-2951
-	RESERVED
-CVE-2011-2950
-	RESERVED
-CVE-2011-2949
-	RESERVED
-CVE-2011-2948
-	RESERVED
-CVE-2011-2947
-	RESERVED
-CVE-2011-2946
-	RESERVED
-CVE-2011-2945
-	RESERVED
+CVE-2011-2955 (Use-after-free vulnerability in RealNetworks RealPlayer 11.0 through ...)
+	TODO: check
+CVE-2011-2954 (Use-after-free vulnerability in the AutoUpdate feature in RealNetworks ...)
+	TODO: check
+CVE-2011-2953 (An unspecified ActiveX control in the browser plugin in RealNetworks ...)
+	TODO: check
+CVE-2011-2952 (Use-after-free vulnerability in RealNetworks RealPlayer 11.0 through ...)
+	TODO: check
+CVE-2011-2951 (Buffer overflow in RealNetworks RealPlayer 11.0 through 11.1 and ...)
+	TODO: check
+CVE-2011-2950 (Heap-based buffer overflow in qcpfformat.dll in RealNetworks ...)
+	TODO: check
+CVE-2011-2949 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...)
+	TODO: check
+CVE-2011-2948 (RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, ...)
+	TODO: check
+CVE-2011-2947 (Cross-zone scripting vulnerability in the RealPlayer ActiveX control ...)
+	TODO: check
+CVE-2011-2946 (Unspecified vulnerability in an ActiveX control in RealNetworks ...)
+	TODO: check
+CVE-2011-2945 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...)
+	TODO: check
 CVE-2011-2944
 	RESERVED
 CVE-2011-2943
@@ -1041,8 +1027,8 @@
 	RESERVED
 CVE-2011-2734
 	RESERVED
-CVE-2011-2733
-	RESERVED
+CVE-2011-2733 (EMC RSA Adaptive Authentication On-Premise (AAOP) 6.0.2.1 SP1 Patch 2, ...)
+	TODO: check
 CVE-2011-2732
 	RESERVED
 CVE-2011-2731
@@ -1905,8 +1891,7 @@
 	TODO: check
 CVE-2011-2379 (Cross-site scripting (XSS) vulnerability in Bugzilla 2.4 through ...)
 	TODO: check
-CVE-2011-2378
-	RESERVED
+CVE-2011-2378 (The appendChild function in Mozilla Firefox before 3.6.20 does not ...)
 	{DSA-2296-1 DSA-2295-1}
 	- xulrunner <removed>
 	[lenny] - xulrunner 1.9.0.19-13
@@ -3973,10 +3958,10 @@
 	RESERVED
 CVE-2011-1626
 	RESERVED
-CVE-2011-1625
-	RESERVED
-CVE-2011-1624
-	RESERVED
+CVE-2011-1625 (Cisco IOS 12.2, 12.3, 12.4, 15.0, and 15.1, when the data-link ...)
+	TODO: check
+CVE-2011-1624 (Cisco IOS 12.2(58)SE, when a login banner is configured, allows remote ...)
+	TODO: check
 CVE-2011-1623 (Cisco Media Processing Software before 1.2 on Media Experience Engine ...)
 	NOT-FOR-US: Cisco
 CVE-2011-1622
@@ -8665,8 +8650,7 @@
 	- iceape 2.0.14-3
 	[lenny] - iceape <not-affected> (Only a stub package)
 	- icedove 3.1.11-1
-CVE-2011-0084
-	RESERVED
+CVE-2011-0084 (The SVGTextElement.getCharNumAtPosition function in Mozilla Firefox ...)
 	{DSA-2296-1 DSA-2295-1}
 	[lenny] - xulrunner <not-affected> (Only affects Firefox >= 3.6)
 	- iceweasel 6.0-1

More information about the Secure-testing-commits mailing list