[Secure-testing-commits] r17830 - in data: . CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Tue Dec 20 08:08:54 UTC 2011 

Author: jmm
Date: 2011-12-20 08:08:54 +0000 (Tue, 20 Dec 2011)
New Revision: 17830

Modified:
   data/CVE/list
   data/next-point-update.txt
Log:
python-virtualenv CVEfied
NFUs
libdata-formvalidator-perl spu
openslp no-dsa


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2011-12-20 00:16:15 UTC (rev 17829)
+++ data/CVE/list	2011-12-20 08:08:54 UTC (rev 17830)
@@ -1,8 +1,3 @@
-CVE-2010-XXXX [python-virtualenv: insecure /tmp file handling]
-	- python-virtualenv <unfixed> (low; bug #652653)
-	[lenny] - python-virtualenv <no-dsa> (Minor issue)
-	[squeeze] - python-virtualenv <no-dsa> (Minor issue)
-	NOTE: CVE id requested
 CVE-2011-4856 (The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 ...)
 	NOT-FOR-US: Plesk
 CVE-2011-4855 (The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 ...)
@@ -912,8 +907,11 @@
 	RESERVED
 CVE-2011-4618
 	RESERVED
-CVE-2011-4617
+CVE-2011-4617 [python-virtualenv: insecure /tmp file handling]
 	RESERVED
+	- python-virtualenv <unfixed> (low; bug #652653)
+	[lenny] - python-virtualenv <no-dsa> (Minor issue)
+	[squeeze] - python-virtualenv <no-dsa> (Minor issue)
 CVE-2011-4616
 	RESERVED
 	- libhtml-template-pro-perl 0.9507-1 (low; bug #652587)
@@ -1554,6 +1552,7 @@
 	RESERVED
 CVE-2011-4369
 	RESERVED
+	NOT-FOR-US: Adobe Acrobat Reader
 CVE-2011-4368 (Cross-site scripting (XSS) vulnerability in Remote Development ...)
 	TODO: check
 CVE-2011-4367
@@ -7239,7 +7238,7 @@
 CVE-2011-2463 (Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 8.0 ...)
 	TODO: check
 CVE-2011-2462 (Unspecified vulnerability in the U3D component in Adobe Reader and ...)
-	TODO: check
+	NOT-FOR-US: Adobe Acrobat Reader
 CVE-2011-2461 (Cross-site scripting (XSS) vulnerability in the Adobe Flex SDK 3.x and ...)
 	TODO: check
 CVE-2011-2460 (Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on ...)
@@ -17291,6 +17290,8 @@
 	RESERVED
 CVE-2010-3609 (The extension parser in slp_v2message.c in OpenSLP 1.2.1, and other ...)
 	- openslp-dfsg 1.2.1-8 (low; bug #623551)
+	[squeeze] - openslp-dfsg <no-dsa> (Minor issue)
+	[lenny] - openslp-dfsg <no-dsa> (Minor issue)
 CVE-2010-3659 [Multiple security issues]
 	RESERVED
 	{DSA-2098-1}

Modified: data/next-point-update.txt
===================================================================
--- data/next-point-update.txt	2011-12-20 00:16:15 UTC (rev 17829)
+++ data/next-point-update.txt	2011-12-20 08:08:54 UTC (rev 17830)
@@ -23,6 +23,8 @@
 	[squeeze] - libpar-perl 1.000-1+squeeze1
 CVE-2011-1429
 	[squeeze] - mutt 1.5.20-9+squeeze2
+CVE-2011-2201
+	[squeeze] - libdata-formvalidator-perl 4.66-1+squeeze1
 
 
 
@@ -30,3 +32,4 @@
 
 
 
+

More information about the Secure-testing-commits mailing list