[Secure-testing-commits] r16073 - data/CVE

Raphael Geissert geissert at alioth.debian.org
Sun Feb 6 19:17:33 UTC 2011 

Author: geissert
Date: 2011-02-06 19:17:26 +0000 (Sun, 06 Feb 2011)
New Revision: 16073

Modified:
   data/CVE/list
Log:
smarty, php5, plone, and tomcat issues


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2011-02-06 18:51:52 UTC (rev 16072)
+++ data/CVE/list	2011-02-06 19:17:26 UTC (rev 16073)
@@ -49,22 +49,40 @@
 CVE-2011-0759
 	RESERVED
 CVE-2010-4727 (Smarty before 3.0.0 beta 7 does not properly handle the <?php and ?> ...)
+	- smarty3 <unfixed>
+	- smarty <unfixed>
 	TODO: check
 CVE-2010-4726 (Unspecified vulnerability in the math plugin in Smarty before 3.0.0 ...)
+	- smarty3 <unfixed>
+	- smarty <unfixed>
 	TODO: check
 CVE-2010-4725 (Smarty before 3.0.0 RC3 does not properly handle an on value of the ...)
+	- smarty3 <unfixed>
+	- smarty <unfixed>
 	TODO: check
 CVE-2010-4724 (Multiple unspecified vulnerabilities in the parser implementation in ...)
+	- smarty3 <unfixed>
+	- smarty <unfixed>
 	TODO: check
 CVE-2010-4723 (Smarty before 3.0.0, when security is enabled, does not prevent access ...)
+	- smarty3 <unfixed>
+	- smarty <unfixed>
 	TODO: check
 CVE-2010-4722 (Unspecified vulnerability in the fetch plugin in Smarty before 3.0.2 ...)
+	- smarty3 <unfixed>
+	- smarty <unfixed>
 	TODO: check
 CVE-2009-5054 (Smarty before 3.0.0 beta 4 does not consider the umask value when ...)
+	- smarty3 <unfixed>
+	- smarty <unfixed>
 	TODO: check
 CVE-2009-5053 (Unspecified vulnerability in Smarty before 3.0.0 beta 6 allows remote ...)
+	- smarty3 <unfixed>
+	- smarty <unfixed>
 	TODO: check
 CVE-2009-5052 (Multiple unspecified vulnerabilities in Smarty before 3.0.0 beta 6 ...)
+	- smarty3 <unfixed>
+	- smarty <unfixed>
 	TODO: check
 CVE-2011-0758
 	RESERVED
@@ -77,9 +95,9 @@
 CVE-2011-0754 (The SplFileInfo::getType function in the Standard PHP Library (SPL) ...)
 	- php5 <not-affected> (Only affects PHP on Windows)
 CVE-2011-0753 (Race condition in the PCNTL extension in PHP before 5.3.4, when a ...)
-	TODO: check
+	- php5 <unfixed> (unimportant)
 CVE-2011-0752 (The extract function in PHP before 5.2.15 does not prevent use of the ...)
-	TODO: check
+	- php5 5.3.3-7 (low)
 CVE-2011-0751
 	RESERVED
 CVE-2011-0750
@@ -151,6 +169,7 @@
 CVE-2010-4718 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
 	NOT-FOR-US: Joomla Lyftenbloggie addon
 CVE-2011-0720 (Unspecified vulnerability in Plone 2.5 through 4.0 allows remote ...)
+	- plone3 <removed>
 	TODO: check
 CVE-2011-0719
 	RESERVED
@@ -572,8 +591,10 @@
 	- glibc <removed>
 CVE-2011-0535
 	RESERVED
-CVE-2011-0534
+CVE-2011-0534 [remote DoS via NIO connector]
 	RESERVED
+	- tomcat6 <unfixed>
+	TODO: check
 CVE-2011-0533
 	RESERVED
 CVE-2011-0532

More information about the Secure-testing-commits mailing list