[Secure-testing-commits] r15847 - in data: . CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Fri Jan 14 16:49:16 UTC 2011 

Author: jmm
Date: 2011-01-14 16:49:15 +0000 (Fri, 14 Jan 2011)
New Revision: 15847

Modified:
   data/CVE/list
   data/next-point-update.txt
Log:
libcgi-pm-perl spu and tpu uploads


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2011-01-14 09:17:59 UTC (rev 15846)
+++ data/CVE/list	2011-01-14 16:49:15 UTC (rev 15847)
@@ -1626,9 +1626,13 @@
 CVE-2010-4411 (Unspecified vulnerability in CGI.pm 3.50 and earlier allows remote ...)
 	- perl 5.10.1-17 (bug #606995)
 	- libcgi-pm-perl 3.51-1 (bug #606370)
+	[lenny] - libcgi-pm-perl <no-dsa> (Fixed through spu)
+	[squeeze] - libcgi-pm-perl 3.49-1squeeze1
 CVE-2010-4410 (CRLF injection vulnerability in the header function in (1) CGI.pm ...)
 	- perl 5.10.1-17 (bug #606995)
 	- libcgi-pm-perl 3.50-1 (bug #606370)
+	[lenny] - libcgi-pm-perl <no-dsa> (Fixed through spu)
+	[squeeze] - libcgi-pm-perl 3.49-1squeeze1
 	- libcgi-simple-perl <unfixed> (bug #606379)
 CVE-2010-4408 (Apache Archiva 1.0 through 1.0.3, 1.1 through 1.1.4, 1.2 through ...)
 	NOT-FOR-US: Apache archiva
@@ -3493,7 +3497,7 @@
 CVE-2010-3700 (VMware SpringSource Spring Security 2.x before 2.0.6 and 3.x before ...)
 	NOT-FOR-US: VMware SpringSource Spring Security
 CVE-2010-3699 (The backend driver in Xen 3.x allows guest OS users to cause a denial ...)
-	- linux-2.6 <unfixed>
+	- linux-2.6 2.6.32-31
 CVE-2010-3698 (The KVM implementation in the Linux kernel before 2.6.36 does not ...)
 	- linux-2.6 2.6.32-28
 CVE-2010-3697 (The wait_for_child_to_die function in main/event.c in FreeRADIUS 2.1.x ...)
@@ -6091,6 +6095,8 @@
 CVE-2010-2761 (The multipart_init function in (1) CGI.pm before 3.50 and (2) ...)
 	- perl 5.10.1-17 (bug #606995)
 	- libcgi-pm-perl 3.50-1 (bug #606370)
+	[lenny] - libcgi-pm-perl <no-dsa> (Fixed through spu)
+	[squeeze] - libcgi-pm-perl 3.49-1squeeze1
 	- libcgi-simple-perl <unfixed> (bug #606379)
 CVE-2010-2760 (Use-after-free vulnerability in the nsTreeSelection function in ...)
 	{DSA-2106-1}

Modified: data/next-point-update.txt
===================================================================
--- data/next-point-update.txt	2011-01-14 09:17:59 UTC (rev 15846)
+++ data/next-point-update.txt	2011-01-14 16:49:15 UTC (rev 15847)
@@ -23,6 +23,12 @@
 	[lenny] - awstats 6.7.dfsg-5.1+lenny1
 CVE-2010-4367
 	[lenny] - awstats 6.7.dfsg-5.1+lenny1
+CVE-2010-2761
+	[lenny] - libcgi-pm-perl 3.38-2lenny2
+CVE-2010-4410
+	[lenny] - libcgi-pm-perl 3.38-2lenny2
+CVE-2010-4411
+	[lenny] - libcgi-pm-perl 3.38-2lenny2

More information about the Secure-testing-commits mailing list