[Secure-testing-commits] r16159 - in data: . CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Wed Feb 16 09:01:56 UTC 2011 

Author: jmm
Date: 2011-02-16 09:01:39 +0000 (Wed, 16 Feb 2011)
New Revision: 16159

Modified:
   data/CVE/list
   data/ospu-candidates.txt
   data/spu-candidates.txt
Log:
mailman CVEfied
magpierss no-dsa


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2011-02-16 07:40:33 UTC (rev 16158)
+++ data/CVE/list	2011-02-16 09:01:39 UTC (rev 16159)
@@ -100,10 +100,6 @@
 	TODO: check
 CVE-2008-7274 (IBM WebSphere Application Server (WAS) 6.1.0.9, when the JAAS Login ...)
 	TODO: check
-CVE-2011-XXXX [unspecified XSS vulnerability]
-	- mailman <unfixed>
-	NOTE: present in 2.1.14 and earlier
-	NOTE: http://mail.python.org/pipermail/mailman-developers/2011-February/021317.html
 CVE-2008-XXXX [path traversal in CGIHTTPServer]
 	- python2.5 <unfixed>
 	- python2.4 <removed>
@@ -704,7 +700,9 @@
 CVE-2011-0741 (Multiple cross-site scripting (XSS) vulnerabilities in ModX Evolution ...)
 	NOT-FOR-US: ModX
 CVE-2011-0740 (Cross-site scripting (XSS) vulnerability in ...)
-	- magpierss <unfixed> (bug #611940)
+	- magpierss 0.72-10 (low; bug #611940)
+	[squeeze] - magpierss <no-dsa> (Minor issue)
+	[lenny] - magpierss <no-dsa> (Minor issue)
 CVE-2011-0739 (The deliver function in the sendmail delivery agent ...)
 	NOT-FOR-US: Ruby mail gem
 CVE-2011-0738 (MyProxy 5.0 through 5.2, as used in Globus Toolkit 5.0.0 through ...)
@@ -747,7 +745,7 @@
 CVE-2011-0721 [chfn/chsh newline injection]
 	RESERVED
 	{DSA-2164-1}
-	- shadow <unfixed>
+	- shadow 1:4.1.4.2+svn3283-3
 	[lenny] - shadow <not-affected> (Vulnerable code not present)
 CVE-2010-4721 (SQL injection vulnerability in news.php in Immo Makler allows remote ...)
 	NOT-FOR-US: Immo Makler
@@ -784,8 +782,11 @@
 	RESERVED
 CVE-2011-0708
 	RESERVED
-CVE-2011-0707
+CVE-2011-0707 [unspecified XSS vulnerability]
 	RESERVED
+	- mailman <unfixed>
+	NOTE: present in 2.1.14 and earlier
+	NOTE: http://mail.python.org/pipermail/mailman-developers/2011-February/021317.html
 CVE-2011-0706
 	RESERVED
 CVE-2011-0705 [path traversal in SimpleHTTPServer]

Modified: data/ospu-candidates.txt
===================================================================
--- data/ospu-candidates.txt	2011-02-16 07:40:33 UTC (rev 16158)
+++ data/ospu-candidates.txt	2011-02-16 09:01:39 UTC (rev 16159)
@@ -371,6 +371,11 @@
 
 --
 
+magpierss (CVE-2011-0740)
+#611940
+
+--
+
 makepasswd (no CVE ID)
 #564559
 notified maintainer

Modified: data/spu-candidates.txt
===================================================================
--- data/spu-candidates.txt	2011-02-16 07:40:33 UTC (rev 16158)
+++ data/spu-candidates.txt	2011-02-16 09:01:39 UTC (rev 16159)
@@ -30,6 +30,11 @@
 
 --
 
+magpierss (CVE-2011-0740)
+#611940
+
+--
+
 tesseract (CVE-2011-XXXX)
 #612032

More information about the Secure-testing-commits mailing list