[Secure-testing-commits] r16033 - data/CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Wed Feb 2 20:20:55 UTC 2011 

Author: jmm
Date: 2011-02-02 20:20:54 +0000 (Wed, 02 Feb 2011)
New Revision: 16033

Modified:
   data/CVE/list
Log:
eclipse no-dsa
update bugzilla status


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2011-02-02 20:08:36 UTC (rev 16032)
+++ data/CVE/list	2011-02-02 20:20:54 UTC (rev 16033)
@@ -668,8 +668,9 @@
 	[lenny] - gif2png <no-dsa> (Minor issue)
 	[squeeze] - gif2png <no-dsa> (Minor issue)
 CVE-2008-7271 (Multiple cross-site scripting (XSS) vulnerabilities in the Help ...)
-	- eclipse <unfixed>
-	TODO: check
+	- eclipse <unfixed> (low)
+	[squeeze] - eclipse <no-dsa> (Minor issue)
+	[lenny] - eclipse <no-dsa> (Minor issue)
 CVE-2011-0426
 	RESERVED
 CVE-2011-0445 (The ASN.1 BER dissector in Wireshark 1.4.0 through 1.4.2 allows remote ...)
@@ -1162,7 +1163,9 @@
 	- linux-2.6 2.6.32-30
 	[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.28)
 CVE-2010-4647 (Multiple cross-site scripting (XSS) vulnerabilities in the Help ...)
-	- eclipse <unfixed>
+	- eclipse <unfixed> (low)
+	[squeeze] - eclipse <no-dsa> (Minor issue)
+	[lenny] - eclipse <no-dsa> (Minor issue)
 CVE-2010-4646 (Cross-site scripting (XSS) vulnerability in Hastymail2 before 1.01 ...)
 	NOT-FOR-US: Hastymail
 CVE-2010-4644 (Multiple memory leaks in rev_hunt.c in Apache Subversion before 1.6.15 ...)
@@ -1754,15 +1757,13 @@
 CVE-2011-0049
 	RESERVED
 CVE-2011-0048 (Bugzilla before 3.2.10, 3.4.x before 3.4.10, 3.6.x before 3.6.4, and ...)
-	- bugzilla <unfixed>
-	TODO: check
+	- bugzilla <unfixed> (bug #611176)
 	NOTE: http://www.bugzilla.org/security/3.2.9/
 CVE-2011-0047 [mediawiki CSS injection]
 	RESERVED
 	- mediawiki <unfixed> (bug #611787)
 CVE-2011-0046 (Multiple cross-site request forgery (CSRF) vulnerabilities in Bugzilla ...)
-	- bugzilla <unfixed>
-	TODO: check
+	- bugzilla <unfixed> (bug #611176)
 	NOTE: http://www.bugzilla.org/security/3.2.9/
 CVE-2010-4578 (Google Chrome before 8.0.552.224 and Chrome OS before 8.0.552.343 do ...)
 	- chromium-browser 6.0.472.63~r59945-4
@@ -1799,11 +1800,10 @@
 CVE-2010-4569 (Cross-site scripting (XSS) vulnerability in Bugzilla 3.7.1, 3.7.2, ...)
 	- bugzilla <not-affected> (vulnerable code introduced in 3.7)
 CVE-2010-4568 (Bugzilla 2.14 through 2.22.7; 3.0.x, 3.1.x, and 3.2.x before 3.2.10; ...)
-	- bugzilla <unfixed> (high; bug #611176)
+	- bugzilla <unfixed> (bug #611176)
 	NOTE: http://www.bugzilla.org/security/3.2.9/
 CVE-2010-4567 (Bugzilla before 3.2.10, 3.4.x before 3.4.10, 3.6.x before 3.6.4, and ...)
-	- bugzilla <unfixed>
-	TODO: check
+	- bugzilla <unfixed> (high; bug #611176)
 	NOTE: http://www.bugzilla.org/security/3.2.9/
 CVE-2010-4566 (Unspecified vulnerability in the NT4 authentication component in ...)
 	NOT-FOR-US: Citrix Acces Gateway

More information about the Secure-testing-commits mailing list