[Secure-testing-commits] r16030 - in data: . CVE
Moritz Muehlenhoff
jmm at alioth.debian.org
Wed Feb 2 07:35:25 UTC 2011
Author: jmm
Date: 2011-02-02 07:35:18 +0000 (Wed, 02 Feb 2011)
New Revision: 16030
Modified:
data/CVE/list
data/spu-candidates.txt
Log:
- new postgres issue
- sssd tpu
- various CVE assignments
- mingetty, numpy no-dsa
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2011-02-02 04:16:17 UTC (rev 16029)
+++ data/CVE/list 2011-02-02 07:35:18 UTC (rev 16030)
@@ -158,10 +158,6 @@
TODO: check
CVE-2010-4709 (Heap-based buffer overflow in Automated Solutions Modbus/TCP Master ...)
NOT-FOR-US: Automated Solutions Modbus/TCP Master
-CVE-2011-XXXX [Reoccurance of CVE-2005-3534]
- - nbd 1:2.9.16-8 (bug #611187)
-CVE-2011-XXXX [yet another weborf DoS]
- - weborf 0.12.5-1
CVE-2011-0649
RESERVED
CVE-2011-0648
@@ -430,10 +426,14 @@
RESERVED
CVE-2011-0530
RESERVED
+ - nbd 1:2.9.16-8 (bug #611187)
CVE-2011-0529
RESERVED
+ - weborf 0.12.5-1
CVE-2011-0528
RESERVED
+ - puppet 2.6.2-3
+ [lenny] - puppet <not-affected> (Only affects 2.6.x)
CVE-2011-0527
RESERVED
CVE-2011-0526
@@ -2074,10 +2074,6 @@
NOTE: Dupe of CVE-2010-4334
CVE-2010-4500 (Multiple SQL injection vulnerabilities in contact.php in MRCGIGUY ...)
NOT-FOR-US: MRCGIGUY FreeTicket
-CVE-2010-XXXX
- - puppet 2.6.2-3
- [lenny] - puppet <not-affected> (Only affects 2.6.x)
- NOTE: CVE ID requested
CVE-2011-0025
RESERVED
CVE-2011-0024
@@ -2567,6 +2563,7 @@
- linux-2.6 2.6.32-30
CVE-2010-4341 (The pam_parse_in_data_v2 function in src/responder/pam/pamsrv_cmd.c in ...)
- sssd 1.2.1-4.1 (bug #610032)
+ [squeeze] - sssd 1.2.1-4+squeeze1
CVE-2010-4333 (Pointter PHP Micro-Blogging Social Network 1.8 allows remote attackers ...)
NOT-FOR-US: Pointter PHP Micro-Blogging Social Network
CVE-2010-4332 (Pointter PHP Content Management System 1.0 allows remote attackers to ...)
@@ -3375,8 +3372,11 @@
RESERVED
CVE-2010-4016
RESERVED
-CVE-2010-4015
+CVE-2010-4015 [psql buffer overflow in intarray module]
RESERVED
+ - postgresql-9.0 9.0.3-1
+ - postgresql-8.4 8.4.7-1
+ - postgresql-8.3 <removed>
CVE-2010-4014
RESERVED
CVE-2010-4013 (Format string vulnerability in PackageKit in Apple Mac OS X 10.6.x ...)
@@ -4983,7 +4983,8 @@
- ffmpeg-debian <removed>
NOTE: http://www.ocert.org/advisories/ocert-2010-004.html
CVE-2010-XXXX [mingetty directory traversal]
- - mingetty 1.07-2 (medium; bug #597382)
+ - mingetty 1.07-2 (low; bug #597382)
+ [lenny] - mingetty <no-dsa> (Minor issue)
CVE-2010-XXXX [config file world readable]
- sabnzbdplus 0.5.4-1 (low; bug #593829)
CVE-2010-XXXX [signature verification issue]
@@ -4992,7 +4993,8 @@
- greylistd 0.8.7+nmu2 (low; bug #464084)
[lenny] - greylistd <no-dsa> (Minor issue)
CVE-2010-XXXX [numpy memory corruption]
- - python-numpy 1:1.4.1-5 (bug #581058)
+ - python-numpy 1:1.4.1-5 (low; bug #581058)
+ [lenny] - python-numpy <no-dsa> (Minor issue)
NOTE: http://projects.scipy.org/numpy/changeset/8364
CVE-2010-XXXX [mediatomb directory traversal]
- mediatomb 0.12.0~svn2018-6.1 (medium; bug #580120)
Modified: data/spu-candidates.txt
===================================================================
--- data/spu-candidates.txt 2011-02-02 04:16:17 UTC (rev 16029)
+++ data/spu-candidates.txt 2011-02-02 07:35:18 UTC (rev 16030)
@@ -401,6 +401,11 @@
--
+mingetty
+#597382
+
+--
+
mono-debugger (CVE-2010-3369)
#598299
@@ -456,6 +461,12 @@
--
+python-numpy (CVE-2010-XXXX [numpy memory corruption])
+#581058
+http://projects.scipy.org/numpy/changeset/8364
+
+--
+
roaraudio (CVE-2010-3362)
#598295
More information about the Secure-testing-commits
mailing list