[Secure-testing-commits] r16198 - data/CVE
Raphael Geissert
geissert at alioth.debian.org
Fri Feb 18 23:42:34 UTC 2011
Author: geissert
Date: 2011-02-18 23:42:33 +0000 (Fri, 18 Feb 2011)
New Revision: 16198
Modified:
data/CVE/list
Log:
new avahi, wireshark, and linux issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2011-02-18 21:15:26 UTC (rev 16197)
+++ data/CVE/list 2011-02-18 23:42:33 UTC (rev 16198)
@@ -80,8 +80,9 @@
RESERVED
CVE-2011-1003
RESERVED
-CVE-2011-1002
+CVE-2011-1002 [remote denial of service by sending NULL UDP]
RESERVED
+ - avahi <unfixed>
CVE-2011-1001
RESERVED
CVE-2011-1000 [telepathy-gabble audio/video call intercepting]
@@ -825,8 +826,10 @@
RESERVED
CVE-2011-0714
RESERVED
-CVE-2011-0713
+CVE-2011-0713 [dct3trace buffer overflow]
RESERVED
+ - wireshark <unfixed>
+ NOTE: http://anonsvn.wireshark.org/viewvc?view=rev&revision=35953
CVE-2011-0712 [ALSA: caiaq - Fix possible string-buffer overflow]
RESERVED
- linux-2.6 <unfixed>
@@ -873,6 +876,11 @@
RESERVED
CVE-2011-0699
RESERVED
+ - linux-2.6 <unfixed>
+ NOTE: right, it was introduced in .37 which is in experimental;
+ TODO: someone on the kernel sectracker please correct as needed
+ [squeeze] - linux-2.6 <not-affected> (code introduced in .37)
+ [lenny] - linux-2.6 <not-affected> (code introduced in .37)
CVE-2011-0698 (Directory traversal vulnerability in Django 1.1.x before 1.1.4 and ...)
- python-django <not-affected> (Windows-specific)
NOTE: http://www.djangoproject.com/weblog/2011/feb/08/security/
More information about the Secure-testing-commits
mailing list