[Secure-testing-commits] r16059 - data/CVE

Fri Feb 4 07:51:01 UTC 2011

Author: jmm
Date: 2011-02-04 07:51:00 +0000 (Fri, 04 Feb 2011)
New Revision: 16059

Modified:
   data/CVE/list
Log:
new openjdk issue
new openssh issue doesn't affect any release
update NFU entries to differentiate between Joomla and it's addons



Modified: data/CVE/list
===================================================================

--- data/CVE/list	2011-02-03 23:30:27 UTC (rev 16058)
+++ data/CVE/list	2011-02-04 07:51:00 UTC (rev 16059)
@@ -1,3 +1,5 @@
+CVE-2011-XXXX [Legacy certificates stack disclosure]
+	- openssh <not-affected> (Only affects OpenSSH 5.6 and 5.7)
 CVE-2011-0758
 	RESERVED
 CVE-2011-0757 (IBM DB2 9.1 before FP10, 9.5 before FP6a, and 9.7 before FP2 on Linux, ...)
@@ -77,11 +79,11 @@
 CVE-2010-4721 (SQL injection vulnerability in news.php in Immo Makler allows remote ...)
 	NOT-FOR-US: Immo Makler
 CVE-2010-4720 (SQL injection vulnerability in the JExtensions JE Auto (com_jeauto) ...)
-	NOT-FOR-US: Joomla
+	NOT-FOR-US: Joomla JEAuto addon
 CVE-2010-4719 (Directory traversal vulnerability in JRadio (com_jradio) component ...)
-	NOT-FOR-US: Joomla
+	NOT-FOR-US: Joomla JRadio addon
 CVE-2010-4718 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
-	NOT-FOR-US: Joomla
+	NOT-FOR-US: Joomla Lyftenbloggie addon
 CVE-2011-0720
 	RESERVED
 CVE-2011-0719
@@ -615,7 +617,7 @@
 CVE-2010-4697 (Use-after-free vulnerability in the Zend engine in PHP before 5.2.15 ...)
 	- php5 <unfixed>
 CVE-2010-4696 (Multiple SQL injection vulnerabilities in Joomla! 1.5.x before 1.5.22 ...)
-	NOT-FOR-US: Joomla
+	NOT-FOR-US: Joomla 
 CVE-2009-5051 (Hastymail2 before RC 8 does not set the secure flag for the session ...)
 	NOT-FOR-US: Hastymail
 CVE-2011-0493 (Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha might allow ...)
@@ -2160,6 +2162,7 @@
 	NOT-FOR-US: MRCGIGUY FreeTicket
 CVE-2011-0025
 	RESERVED
+	- openjdk-6 6b18-1.8.5-1
 CVE-2011-0024
 	RESERVED
 CVE-2011-0023


