[Secure-testing-commits] r17128 - data/CVE

Joey Hess joeyh at alioth.debian.org
Fri Aug 26 21:14:16 UTC 2011 

Author: joeyh
Date: 2011-08-26 21:14:16 +0000 (Fri, 26 Aug 2011)
New Revision: 17128

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2011-08-26 14:24:42 UTC (rev 17127)
+++ data/CVE/list	2011-08-26 21:14:16 UTC (rev 17128)
@@ -1,3 +1,9 @@
+CVE-2011-3269
+	RESERVED
+CVE-2011-3268 (Buffer overflow in the crypt function in PHP before 5.3.7 allows ...)
+	TODO: check
+CVE-2011-3267 (PHP before 5.3.7 does not properly implement the error_log function, ...)
+	TODO: check
 CVE-2011-3266 (The proto_tree_add_item function in Wireshark 1.6.1, when the IKEv1 ...)
 	TODO: check
 CVE-2010-4830 (SQL injection vulnerability in Resumes/TD_RESUME_Indlist.asp in Techno ...)
@@ -177,8 +183,7 @@
 	- linux-2.6 <unfixed>
 CVE-2011-3190
 	RESERVED
-CVE-2011-3189
-	RESERVED
+CVE-2011-3189 (The crypt function in PHP 5.3.7, when the MD5 hash type is used, ...)
 	- php5 5.3.8-1
 	[squeeze] - php5 <not-affected> (Introduced in 5.3.7)
 	[lenny] - php5 <not-affected> (Introduced in 5.3.7)
@@ -197,8 +202,8 @@
 	[squeeze] - pidgin <no-dsa> (Minor issue)
 CVE-2011-3183
 	RESERVED
-CVE-2011-3182
-	RESERVED
+CVE-2011-3182 (PHP before 5.3.7 does not properly check the return values of the ...)
+	TODO: check
 CVE-2011-3181 [PMASA-2011-13  Multiple XSS in the Tracking feature.]
 	RESERVED
 	- phpmyadmin <unfixed>
@@ -819,8 +824,8 @@
 	RESERVED
 CVE-2011-2941
 	RESERVED
-CVE-2011-2940
-	RESERVED
+CVE-2011-2940 (stunnel 4.40 and 4.41 might allow remote attackers to execute ...)
+	TODO: check
 CVE-2011-2939
 	RESERVED
 CVE-2011-2938
@@ -1301,10 +1306,10 @@
 	RESERVED
 CVE-2011-2738
 	RESERVED
-CVE-2011-2737
-	RESERVED
-CVE-2011-2736
-	RESERVED
+CVE-2011-2737 (RSA enVision 3.x and 4.x before 4 SP4 P3 allows remote attackers to ...)
+	TODO: check
+CVE-2011-2736 (RSA enVision 4.x before 4 SP4 P3 places cleartext administrative ...)
+	TODO: check
 CVE-2011-2735 (Multiple buffer overflows in EMC AutoStart 5.3.x and 5.4.x before ...)
 	TODO: check
 CVE-2011-2734
@@ -1967,8 +1972,7 @@
 	- gdk-pixbuf 2.23.3-3.1 (bug #631524)
 CVE-2011-2484 (The add_del_listener function in kernel/taskstats.c in the Linux ...)
 	- linux-2.6 2.6.39-3 (low)
-CVE-2011-2483 [openwall blowfish implementation weakness]
-	RESERVED
+CVE-2011-2483 (crypt_blowfish before 1.1, as used in PHP before 5.3.7 on certain ...)
 	- libcrypt-eksblowfish-perl <not-affected> (discovered and corrected in initial release in 2007)
 	- php5-suhosin <unfixed> (bug #631283)
 	- postgresql <unfixed> (bug #631285)
@@ -4160,8 +4164,8 @@
 	NOTE: http://sourceware.org/git/?p=glibc.git;a=commitdiff;h=8126d90480fa
 CVE-2011-1658 (ld.so in the GNU C Library (aka glibc or libc6) 2.13 and earlier ...)
 	TODO: check
-CVE-2011-1657
-	RESERVED
+CVE-2011-1657 (The (1) ZipArchive::addGlob and (2) ZipArchive::addPattern functions ...)
+	TODO: check
 CVE-2011-1656
 	RESERVED
 CVE-2011-1655 (The management.asmx module in the Management Web Service in the ...)

More information about the Secure-testing-commits mailing list