[Secure-testing-commits] r15928 - in data: . CVE DSA
Moritz Muehlenhoff
jmm at alioth.debian.org
Wed Jan 19 16:58:48 UTC 2011
Author: jmm
Date: 2011-01-19 16:58:42 +0000 (Wed, 19 Jan 2011)
New Revision: 15928
Modified:
data/CVE/list
data/DSA/list
data/next-point-update.txt
Log:
- new spip issues (fixed in sid, not in lenny)
- more IDs assigned to tor security update
- new asterisk issue
- libcgi-simple-perl spu
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2011-01-19 10:40:41 UTC (rev 15927)
+++ data/CVE/list 2011-01-19 16:58:42 UTC (rev 15928)
@@ -1,3 +1,17 @@
+CVE-2011-0493
+ {DSA-2148-1}
+ - tor 0.2.1.29-1
+CVE-2011-0492
+ {DSA-2148-1}
+ - tor 0.2.1.29-1
+CVE-2011-0491
+ {DSA-2148-1}
+ - tor 0.2.1.29-1
+CVE-2011-0490
+ {DSA-2148-1}
+ - tor 0.2.1.29-1
+CVE-2011-XXXX [multiple spip issues]
+ - spip 2.1.1-3 (bug #609212; bug #610016)
CVE-2011-0485 (Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do ...)
- chromium-browser 9.0.597.45~r70550-1
[squeeze] - chromium-browser <not-affected>
@@ -1760,6 +1774,7 @@
CVE-2010-4411 (Unspecified vulnerability in CGI.pm 3.50 and earlier allows remote ...)
- perl 5.10.1-17 (bug #606995)
- libcgi-simple-perl 1.111-2 (bug #606379)
+ [lenny] - libcgi-simple-perl <no-dsa> (Fixed through spu)
- libcgi-pm-perl 3.51-1 (bug #606370)
[lenny] - libcgi-pm-perl <no-dsa> (Fixed through spu)
[squeeze] - libcgi-pm-perl 3.49-1squeeze1
@@ -1769,6 +1784,7 @@
[lenny] - libcgi-pm-perl <no-dsa> (Fixed through spu)
[squeeze] - libcgi-pm-perl 3.49-1squeeze1
- libcgi-simple-perl 1.111-2 (bug #606379)
+ [lenny] - libcgi-simple-perl <no-dsa> (Fixed through spu)
CVE-2010-4408 (Apache Archiva 1.0 through 1.0.3, 1.1 through 1.1.4, 1.2 through ...)
NOT-FOR-US: Apache archiva
CVE-2008-7270 (OpenSSL before 0.9.8j, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is ...)
@@ -6232,6 +6248,7 @@
[lenny] - libcgi-pm-perl <no-dsa> (Fixed through spu)
[squeeze] - libcgi-pm-perl 3.49-1squeeze1
- libcgi-simple-perl 1.111-2 (bug #606379)
+ [lenny] - libcgi-simple-perl <no-dsa> (Fixed through spu)
CVE-2010-2760 (Use-after-free vulnerability in the nsTreeSelection function in ...)
{DSA-2106-1}
- xulrunner <removed>
@@ -12800,8 +12817,9 @@
NOT-FOR-US: Apple Disk Images
CVE-2010-0496 (FreeBit ServersMan 3.1.5 on Apple iPhone OS 3.1.2, and iPhone OS for ...)
NOT-FOR-US: Apple iPhone OS
-CVE-2010-0495
+CVE-2010-0495 [AST-2011-001]
RESERVED
+ - asterisk <unfixed> (bug #610487)
CVE-2010-0494 (Cross-domain vulnerability in Microsoft Internet Explorer 6, 6 SP1, 7, ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2010-0493
Modified: data/DSA/list
===================================================================
--- data/DSA/list 2011-01-19 10:40:41 UTC (rev 15927)
+++ data/DSA/list 2011-01-19 16:58:42 UTC (rev 15928)
@@ -1,5 +1,5 @@
[17 Jan 2011] DSA-2148-1 tor - several
- {CVE-2011-0015 CVE-2011-0016 CVE-2011-0427}
+ {CVE-2011-0015 CVE-2011-0016 CVE-2011-0427 CVE-2011-0490 CVE-2011-0491 CVE-2011-0492 CVE-2011-0493}
[lenny] - tor 0.2.1.29-1~lenny+1
[16 Jan 2011] DSA-2147-1 pimd - insecure temporary files
{CVE-2011-0007}
Modified: data/next-point-update.txt
===================================================================
--- data/next-point-update.txt 2011-01-19 10:40:41 UTC (rev 15927)
+++ data/next-point-update.txt 2011-01-19 16:58:42 UTC (rev 15928)
@@ -38,6 +38,12 @@
[lenny] - perl 5.10.0-19lenny3
CVE-2010-4411
[lenny] - perl 5.10.0-19lenny3
+CVE-2010-2761
+ [lenny] - libcgi-simple-perl 1.105-1lenny1
+CVE-2010-4410
+ [lenny] - libcgi-simple-perl 1.105-1lenny1
+CVE-2010-4411
+ [lenny] - libcgi-simple-perl 1.105-1lenny1
@@ -49,3 +55,4 @@
+
More information about the Secure-testing-commits
mailing list