[Secure-testing-commits] r17140 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Tue Aug 30 21:14:26 UTC 2011
Author: joeyh
Date: 2011-08-30 21:14:26 +0000 (Tue, 30 Aug 2011)
New Revision: 17140
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2011-08-30 09:14:19 UTC (rev 17139)
+++ data/CVE/list 2011-08-30 21:14:26 UTC (rev 17140)
@@ -1,3 +1,143 @@
+CVE-2011-3339
+ RESERVED
+CVE-2011-3338
+ RESERVED
+CVE-2011-3337
+ RESERVED
+CVE-2011-3336
+ RESERVED
+CVE-2011-3335
+ RESERVED
+CVE-2011-3334
+ RESERVED
+CVE-2011-3333
+ RESERVED
+CVE-2011-3332
+ RESERVED
+CVE-2011-3331
+ RESERVED
+CVE-2011-3330
+ RESERVED
+CVE-2011-3329
+ RESERVED
+CVE-2011-3328
+ RESERVED
+CVE-2011-3327
+ RESERVED
+CVE-2011-3326
+ RESERVED
+CVE-2011-3325
+ RESERVED
+CVE-2011-3324
+ RESERVED
+CVE-2011-3323
+ RESERVED
+CVE-2011-3322
+ RESERVED
+CVE-2011-3321
+ RESERVED
+CVE-2011-3320
+ RESERVED
+CVE-2011-3319
+ RESERVED
+CVE-2011-3318
+ RESERVED
+CVE-2011-3317
+ RESERVED
+CVE-2011-3316
+ RESERVED
+CVE-2011-3315
+ RESERVED
+CVE-2011-3314
+ RESERVED
+CVE-2011-3313
+ RESERVED
+CVE-2011-3312
+ RESERVED
+CVE-2011-3311
+ RESERVED
+CVE-2011-3310
+ RESERVED
+CVE-2011-3309
+ RESERVED
+CVE-2011-3308
+ RESERVED
+CVE-2011-3307
+ RESERVED
+CVE-2011-3306
+ RESERVED
+CVE-2011-3305
+ RESERVED
+CVE-2011-3304
+ RESERVED
+CVE-2011-3303
+ RESERVED
+CVE-2011-3302
+ RESERVED
+CVE-2011-3301
+ RESERVED
+CVE-2011-3300
+ RESERVED
+CVE-2011-3299
+ RESERVED
+CVE-2011-3298
+ RESERVED
+CVE-2011-3297
+ RESERVED
+CVE-2011-3296
+ RESERVED
+CVE-2011-3295
+ RESERVED
+CVE-2011-3294
+ RESERVED
+CVE-2011-3293
+ RESERVED
+CVE-2011-3292
+ RESERVED
+CVE-2011-3291
+ RESERVED
+CVE-2011-3290
+ RESERVED
+CVE-2011-3289
+ RESERVED
+CVE-2011-3288
+ RESERVED
+CVE-2011-3287
+ RESERVED
+CVE-2011-3286
+ RESERVED
+CVE-2011-3285
+ RESERVED
+CVE-2011-3284
+ RESERVED
+CVE-2011-3283
+ RESERVED
+CVE-2011-3282
+ RESERVED
+CVE-2011-3281
+ RESERVED
+CVE-2011-3280
+ RESERVED
+CVE-2011-3279
+ RESERVED
+CVE-2011-3278
+ RESERVED
+CVE-2011-3277
+ RESERVED
+CVE-2011-3276
+ RESERVED
+CVE-2011-3275
+ RESERVED
+CVE-2011-3274
+ RESERVED
+CVE-2011-3273
+ RESERVED
+CVE-2011-3272
+ RESERVED
+CVE-2011-3271
+ RESERVED
+CVE-2011-3270
+ RESERVED
CVE-2011-3269
RESERVED
CVE-2011-3268 (Buffer overflow in the crypt function in PHP before 5.3.7 allows ...)
@@ -171,8 +311,7 @@
RESERVED
CVE-2011-3193
RESERVED
-CVE-2011-3192 [byterange filter memory exhaustion DoS]
- RESERVED
+CVE-2011-3192 (The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through ...)
{DSA-2298-1}
- apache2 2.2.19-2
CVE-2011-3191
@@ -186,23 +325,20 @@
[lenny] - php5 <not-affected> (Introduced in 5.3.7)
CVE-2011-3188
RESERVED
-CVE-2011-3187
- RESERVED
-CVE-2011-3186
- RESERVED
-CVE-2011-3185
- RESERVED
+CVE-2011-3187 (The to_s method in ...)
+ TODO: check
+CVE-2011-3186 (CRLF injection vulnerability in ...)
+ TODO: check
+CVE-2011-3185 (gtkutils.c in Pidgin before 2.10.0 on Windows allows user-assisted ...)
- pidgin <not-affected> (Windows-specific)
-CVE-2011-3184 [pidgin MSN DoS]
- RESERVED
+CVE-2011-3184 (The msn_httpconn_parse_data function in httpconn.c in the MSN protocol ...)
- pidgin 2.10.0-1 (low)
[squeeze] - pidgin <no-dsa> (Minor issue)
CVE-2011-3183
RESERVED
CVE-2011-3182 (PHP before 5.3.7 does not properly check the return values of the ...)
- php5 <undetermined>
-CVE-2011-3181 [PMASA-2011-13 Multiple XSS in the Tracking feature.]
- RESERVED
+CVE-2011-3181 (Multiple cross-site scripting (XSS) vulnerabilities in the Tracking ...)
- phpmyadmin 4:3.4.4-1
[lenny] - phpmyadmin <not-affected> (Vulnerable code not present)
CVE-2011-3180
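Review bot: at CVE-2011-3181 the removed working title carried the upstream advisory id PMASA-2011-13, and the visible part of the replacement description no longer mentions it; keeping it as a NOTE: line under the entry would preserve the cross-reference. CVE-2011-3187 and CVE-2011-3186 now sit at TODO: check with descriptions cut off before the product name, so they need a manual pass to assign a source package or NOT-FOR-US.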
@@ -636,14 +772,14 @@
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
- iceape <not-affected> (Only affects Firefox >= 4)
-CVE-2011-2992 (The Ogg reader in the browser engine in Mozilla Firefox 4.x through 5 ...)
+CVE-2011-2992 (The Ogg reader in the browser engine in Mozilla Firefox 4.x through 5, ...)
- xulrunner <not-affected> (Only affects Firefox >= 4)
- iceweasel 6.0-1
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
- iceape <not-affected> (Only affects Firefox >= 4)
- icedove <not-affected> (Only affects Thunderbird 5)
-CVE-2011-2991 (The browser engine in Mozilla Firefox 4.x through 5 does not properly ...)
+CVE-2011-2991 (The browser engine in Mozilla Firefox 4.x through 5, SeaMonkey 2.x ...)
- xulrunner <not-affected> (Only affects Firefox >= 4)
- iceweasel 6.0-1
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
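Review bot: the refreshed description at CVE-2011-2991 now lists SeaMonkey 2.x alongside Firefox 4.x through 5, but in this hunk only the description lines change and the package annotations stay as they were. Any iceape line for this entry that reasons "Only affects Firefox >= 4", as the iceape lines of the neighbouring entries in this hunk do, should be re-checked against the SeaMonkey version iceape is built from.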
@@ -656,7 +792,7 @@
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
- iceape <not-affected> (Only affects Firefox >= 4)
-CVE-2011-2989 (The browser engine in Mozilla Firefox 4.x through 5 does not properly ...)
+CVE-2011-2989 (The browser engine in Mozilla Firefox 4.x through 5, SeaMonkey 2.x ...)
- xulrunner <not-affected> (Only affects Firefox >= 4)
- iceweasel 6.0-1
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
@@ -677,7 +813,7 @@
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
- iceape <not-affected> (Only affects Firefox >= 4)
- icedove <not-affected> (Only affects Thunderbird 5)
-CVE-2011-2986 (Mozilla Firefox 4.x through 5, when the Direct2D (aka D2D) API is used ...)
+CVE-2011-2986 (Mozilla Firefox 4.x through 5, Thunderbird before 6, SeaMonkey 2.x ...)
- xulrunner <not-affected> (Only affects Windows)
- iceweasel <not-affected> (Only affects Windows)
- icedove <not-affected> (Only affects Thunderbird 5)
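Review bot: at CVE-2011-2986 the new description reads "Thunderbird before 6", while the unchanged icedove line still gives "Only affects Thunderbird 5" as its reason. Since xulrunner and iceweasel are already marked "Only affects Windows" for this entry, using that same reason on the icedove line would keep the three annotations consistent with each other and with the updated description.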
@@ -812,8 +948,7 @@
NOT-FOR-US: RealNetworks RealPlayer
CVE-2011-2944
RESERVED
-CVE-2011-2943 [pidgin IRC DoS]
- RESERVED
+CVE-2011-2943 (The irc_msg_who function in msgs.c in the IRC protocol plugin in ...)
- pidgin 2.10.0-1 (bug #638709)
[squeeze] - pidgin <not-affected> (Only affects 2.8 to 2.10)
[lenny] - pidgin <not-affected> (Only affects 2.8 to 2.10)
@@ -842,16 +977,15 @@
RESERVED
CVE-2011-2933
RESERVED
-CVE-2011-2932
- RESERVED
-CVE-2011-2931
- RESERVED
-CVE-2011-2930
- RESERVED
-CVE-2011-2929
- RESERVED
-CVE-2011-2928
- RESERVED
+CVE-2011-2932 (Cross-site scripting (XSS) vulnerability in ...)
+ TODO: check
+CVE-2011-2931 (Cross-site scripting (XSS) vulnerability in the strip_tags helper in ...)
+ TODO: check
+CVE-2011-2930 (Multiple SQL injection vulnerabilities in the quote_table_name method ...)
+ TODO: check
+CVE-2011-2929 (The template selection functionality in ...)
+ TODO: check
+CVE-2011-2928 (The befs_follow_link function in fs/befs/linuxvfs.c in the Linux ...)
- linux-2.6 3.0.0-2
CVE-2011-2927
RESERVED
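Review bot: CVE-2011-2932 through CVE-2011-2929 move from RESERVED to TODO: check, and the descriptions as shown are cut off before the affected product (for example "Cross-site scripting (XSS) vulnerability in ..." and "The template selection functionality in ..."), so nothing in the list identifies which source package to check. A follow-up commit should resolve each to a package line or NOT-FOR-US; CVE-2011-2928 in the same hunk is fine because it keeps its linux-2.6 3.0.0-2 line.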
@@ -1049,8 +1183,8 @@
RESERVED
CVE-2011-2840
RESERVED
-CVE-2011-2839
- RESERVED
+CVE-2011-2839 (The PDF implementation in Google Chrome before 13.0.782.215 on Linux ...)
+ TODO: check
CVE-2011-2838
RESERVED
CVE-2011-2837
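Review bot: CVE-2011-2839 is left at TODO: check even though its description names Google Chrome before 13.0.782.215 on Linux, the same upstream release that the other Chrome entries in this commit track as chromium-browser 13.0.782.215~r97094-1. It needs a manual check of whether the PDF implementation is part of the chromium-browser package, followed by either a chromium-browser version line or a <not-affected> line with the reason.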
@@ -1069,38 +1203,30 @@
RESERVED
CVE-2011-2830
RESERVED
-CVE-2011-2829
- RESERVED
+CVE-2011-2829 (Integer overflow in Google Chrome before 13.0.782.215 on 32-bit ...)
- chromium-browser 13.0.782.215~r97094-1
- webkit <undetermined>
-CVE-2011-2828
- RESERVED
+CVE-2011-2828 (Google V8, as used in Google Chrome before 13.0.782.215, allows remote ...)
- chromium-browser 13.0.782.215~r97094-1
- webkit <undetermined>
-CVE-2011-2827
- RESERVED
+CVE-2011-2827 (Use-after-free vulnerability in Google Chrome before 13.0.782.215 ...)
- chromium-browser 13.0.782.215~r97094-1
- webkit <undetermined>
-CVE-2011-2826
- RESERVED
+CVE-2011-2826 (Google Chrome before 13.0.782.215 allows remote attackers to bypass ...)
- chromium-browser 13.0.782.215~r97094-1
- webkit <undetermined>
-CVE-2011-2825
- RESERVED
+CVE-2011-2825 (Use-after-free vulnerability in Google Chrome before 13.0.782.215 ...)
- chromium-browser 13.0.782.215~r97094-1
- webkit <undetermined>
-CVE-2011-2824
- RESERVED
+CVE-2011-2824 (Use-after-free vulnerability in Google Chrome before 13.0.782.215 ...)
- chromium-browser 13.0.782.215~r97094-1
- webkit <undetermined>
-CVE-2011-2823
- RESERVED
+CVE-2011-2823 (Use-after-free vulnerability in Google Chrome before 13.0.782.215 ...)
- chromium-browser 13.0.782.215~r97094-1
- webkit <undetermined>
-CVE-2011-2822
- RESERVED
-CVE-2011-2821
- RESERVED
+CVE-2011-2822 (Google Chrome before 13.0.782.215 on Windows does not properly parse ...)
+ TODO: check
+CVE-2011-2821 (Double free vulnerability in libxml2, as used in Google Chrome before ...)
- chromium-browser 13.0.782.215~r97094-1
- webkit <undetermined>
CVE-2011-2820
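Review bot: CVE-2011-2822 is the one new TODO: check in this hunk, and its description says "on Windows"; the file already has a form for that case at CVE-2011-3185 ("- pidgin <not-affected> (Windows-specific)"), so a chromium-browser <not-affected> line with the same reason looks like the right resolution once confirmed. The other entries keep their "- webkit <undetermined>" lines, which remain open work now that the descriptions are public.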
@@ -1133,8 +1259,8 @@
RESERVED
CVE-2011-2807
RESERVED
-CVE-2011-2806
- RESERVED
+CVE-2011-2806 (Google Chrome before 13.0.782.215 on Windows does not properly handle ...)
+ TODO: check
CVE-2011-2805 (Google Chrome before 13.0.782.107 allows remote attackers to bypass ...)
- chromium-browser 13.0.782.107~r94237-1
- webkit <undetermined>
@@ -1292,8 +1418,8 @@
- dhcp3 <removed>
CVE-2011-2747 (Google Picasa before 3.6 Build 105.67 does not properly handle invalid ...)
NOT-FOR-US: Google Picasa
-CVE-2011-2746
- RESERVED
+CVE-2011-2746 (Unspecified vulnerability in Kernel/Modules/AdminPackageManager.pm in ...)
+ TODO: check
CVE-2011-2745 (upload_handler.php in the swfupload extension in Chyrp 2.0 and earlier ...)
NOT-FOR-US: Chyrp
CVE-2011-2744 (Directory traversal vulnerability in Chyrp 2.1 and earlier allows ...)
@@ -1373,8 +1499,8 @@
NOT-FOR-US: Drupal data module
CVE-2011-2713
RESERVED
-CVE-2011-2712
- RESERVED
+CVE-2011-2712 (Cross-site scripting (XSS) vulnerability in Apache Wicket 1.4.x before ...)
+ TODO: check
CVE-2011-2711 (Cross-site scripting (XSS) vulnerability in the print_fileinfo ...)
NOT-FOR-US: cgit
CVE-2011-2710 (Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before ...)
@@ -1747,16 +1873,16 @@
RESERVED
CVE-2011-2565
RESERVED
-CVE-2011-2564
- RESERVED
-CVE-2011-2563
- RESERVED
-CVE-2011-2562
- RESERVED
-CVE-2011-2561
- RESERVED
-CVE-2011-2560
- RESERVED
+CVE-2011-2564 (Unspecified vulnerability in the Service Advertisement Framework (SAF) ...)
+ TODO: check
+CVE-2011-2563 (Unspecified vulnerability in the Service Advertisement Framework (SAF) ...)
+ TODO: check
+CVE-2011-2562 (Unspecified vulnerability in Cisco Unified Communications Manager (aka ...)
+ TODO: check
+CVE-2011-2561 (The SIP process in Cisco Unified Communications Manager (aka CUCM, ...)
+ TODO: check
+CVE-2011-2560 (The Packet Capture Service in Cisco Unified Communications Manager ...)
+ TODO: check
CVE-2011-2559
RESERVED
CVE-2011-2558
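Review bot: CVE-2011-2562 through CVE-2011-2560 name Cisco Unified Communications Manager in their descriptions yet land at TODO: check, although the list already uses "NOT-FOR-US: Cisco" for such entries (visible just above CVE-2011-1643 later in this diff); they can be resolved the same way in a follow-up. CVE-2011-2564 and CVE-2011-2563 are cut off before the product name, so the full description has to be read before they are classified.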
@@ -1765,8 +1891,8 @@
RESERVED
CVE-2011-2556
RESERVED
-CVE-2011-2555
- RESERVED
+CVE-2011-2555 (Cisco TelePresence Recording Server 1.7.2.x before 1.7.2.1 has a ...)
+ TODO: check
CVE-2011-2554
RESERVED
CVE-2011-2553
@@ -1939,8 +2065,7 @@
CVE-2011-2498
RESERVED
- linux-2.6 2.6.39-1 (low)
-CVE-2011-2497
- RESERVED
+CVE-2011-2497 (Integer underflow in the l2cap_config_req function in ...)
- linux-2.6 2.6.39-3
CVE-2011-2496
RESERVED
@@ -2586,8 +2711,7 @@
RESERVED
CVE-2011-2217 (Certain ActiveX controls in (1) tsgetxu71ex552.dll and (2) ...)
NOT-FOR-US: VMware
-CVE-2011-2213 [kernel: inet_diag: fix inet_diag_bc_audit]
- RESERVED
+CVE-2011-2213 (The inet_diag_bc_audit function in net/ipv4/inet_diag.c in the Linux ...)
- linux-2.6 2.6.39-3
CVE-2011-2212
RESERVED
@@ -3850,8 +3974,7 @@
- subversion 1.6.17dfsg-1
CVE-2011-1782 (Heap-based buffer overflow in the read_channel_data function in ...)
- gimp 2.6.11-3 (bug #629830)
-CVE-2011-1781
- RESERVED
+CVE-2011-1781 (SystemTap 1.4, when unprivileged (aka stapusr) mode is enabled, allows ...)
- systemtap 1.6-1 (bug #628819)
[squeeze] - systemtap <not-affected> (Only affects version 1.4.x)
[lenny] - systemtap <not-affected> (Only affects version 1.4.x)
@@ -3886,8 +4009,7 @@
- linux-2.6 2.6.39-1
[squeeze] - linux-2.6 2.6.32-34squeeze1
[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.29 with commit e77b8363b2ea7c0d89919547c1a8b0562f298b57)
-CVE-2011-1769
- RESERVED
+CVE-2011-1769 (SystemTap 1.4 and earlier, when unprivileged (aka stapusr) mode is ...)
- systemtap 1.6-1 (bug #628819)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=702687#c29
NOTE: http://sourceware.org/git/?p=systemtap.git;a=commit;h=fa2e3415185a28542d419a641ecd6cddd52e3cd9
@@ -4208,8 +4330,8 @@
NOT-FOR-US: Cisco
CVE-2011-1644
RESERVED
-CVE-2011-1643
- RESERVED
+CVE-2011-1643 (Cisco Unified Communications Manager (aka CUCM, formerly CallManager) ...)
+ TODO: check
CVE-2011-1642
RESERVED
CVE-2011-1641
@@ -8552,8 +8674,8 @@
RESERVED
CVE-2011-0229
RESERVED
-CVE-2011-0228
- RESERVED
+CVE-2011-0228 (The Data Security component in Apple iOS before 4.2.10 and 4.3.x ...)
+ TODO: check
CVE-2011-0227 (The queueing primitives in IOMobileFrameBuffer in Apple iOS before ...)
NOT-FOR-US: Apple iOS
CVE-2011-0226 (Integer signedness error in psaux/t1decode.c in FreeType before 2.4.6, ...)
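Review bot: CVE-2011-0228 is added as TODO: check although its description names Apple iOS and the next entry, CVE-2011-0227, is already marked "NOT-FOR-US: Apple iOS". Unless the Data Security component maps to something packaged in Debian, the same NOT-FOR-US line applies here.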