[Secure-testing-commits] r16014 - data/CVE

Joey Hess joeyh at alioth.debian.org
Sun Jan 30 21:14:49 UTC 2011


Author: joeyh
Date: 2011-01-30 21:14:49 +0000 (Sun, 30 Jan 2011)
New Revision: 16014

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2011-01-30 20:27:03 UTC (rev 16013)
+++ data/CVE/list	2011-01-30 21:14:49 UTC (rev 16014)
@@ -289,6 +289,7 @@
 	RESERVED
 CVE-2011-0521 [av7110 negative array offset]
 	RESERVED
+	{DSA-2153-1}
 	- linux-2.6 <unfixed>
 CVE-2011-0519 (SQL injection vulnerability in gallery.php in Gallarific PHP Photo ...)
 	NOT-FOR-US: Gallarific
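Review bot: CVE-2011-0521 now carries {DSA-2153-1}, but its only package line is still `- linux-2.6 <unfixed>` and the entry is still RESERVED. If the advisory fixes a stable release, add a release-tagged line in the `[lenny] - linux-2.6 ...` form used elsewhere in this file, so it is clear that only unstable remains open; as it stands the tag and the status read as contradictory.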
@@ -928,6 +929,7 @@
 CVE-2011-0281
 	RESERVED
 CVE-2010-4668 (The blk_rq_map_user_iov function in block/blk-map.c in the Linux ...)
+	{DSA-2153-1}
 	- linux-2.6 2.6.32-29
 CVE-2010-4667
 	RESERVED
@@ -960,6 +962,7 @@
 	NOTE: is using the libxml2 API in an incorrect manner
 CVE-2010-4656 [iowarrior usb device heap overflow]
 	RESERVED
+	{DSA-2153-1}
 	- linux-2.6 <unfixed>
 CVE-2010-4655 [heap contents leak for CAP_NET_ADMIN via ethtool ioctl]
 	RESERVED
@@ -991,6 +994,7 @@
 	[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.29)
 CVE-2010-4649
 	RESERVED
+	{DSA-2153-1}
 	- linux-2.6 2.6.32-30
 CVE-2010-4648
 	RESERVED
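Review bot: CVE-2010-4649 has no description at all, neither parenthesised text nor a bracketed summary, yet it now has both a DSA reference and a fixed version (2.6.32-30). Add a short bracketed description, as the RESERVED entries CVE-2011-0521 and CVE-2010-4656 have, so the entry can be read without looking up the advisory.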
@@ -1650,6 +1654,7 @@
 CVE-2010-4566 (Unspecified vulnerability in the NT4 authentication component in ...)
 	NOT-FOR-US: Citrix Acces Gateway
 CVE-2010-4565 (The bcm_connect function in net/can/bcm.c (aka the Broadcast Manager) ...)
+	{DSA-2153-1}
 	- linux-2.6 <unfixed>
 CVE-2010-4564
 	RESERVED
@@ -1831,14 +1836,17 @@
 	[squeeze] - bip 0.8.2-1squeeze3
 	[lenny] - bip <not-affected> (Vulnerable code not present)
 CVE-2010-4529 (Integer underflow in the irda_getsockopt function in ...)
+	{DSA-2153-1}
 	- linux-2.6 2.6.32-30
 CVE-2010-4528 (directconn.c in the MSN protocol plugin in libpurple 2.7.6 through ...)
 	- pidgin 2.7.9-1 (bug #608331; medium)
 	[squeeze] - pidgin <not-affected> (Vulnerable code not present)
 	[lenny] - pidgin <not-affected> (Vulnerable code not present)
 CVE-2010-4527 (The load_mixer_volumes function in sound/oss/soundcard.c in the OSS ...)
+	{DSA-2153-1}
 	- linux-2.6 <unfixed>
 CVE-2010-4526 (Race condition in the sctp_icmp_proto_unreachable function in ...)
+	{DSA-2153-1}
 	- linux-2.6 2.6.32-30
 CVE-2010-4525 (Linux kernel 2.6.33 and 2.6.34.y does not initialize the ...)
 	- linux-2.6 2.6.35-1
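Review bot: of the three entries tagged in this hunk, CVE-2010-4527 is the only one left at `- linux-2.6 <unfixed>`, while CVE-2010-4529 and CVE-2010-4526 are both recorded at 2.6.32-30. Check whether the load_mixer_volumes fix is really absent from the unstable package or whether the version was just never recorded, and update the line accordingly.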
@@ -1941,6 +1949,7 @@
 	NOT-FOR-US: OpenVAS Manager
 CVE-2011-0017 [lack of return code checks for setuid/setgid]
 	RESERVED
+	{DSA-2154-1}
 	- exim4 4.72-4
 CVE-2011-0016 (Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha does not ...)
 	{DSA-2148-1}
@@ -2393,8 +2402,10 @@
 CVE-2010-4347 (The ACPI subsystem in the Linux kernel before 2.6.36.2 uses 0222 ...)
 	- linux-2.6 <not-affected> (Introduced in 2.6.33 and fixed in 2.6.36.2, we never released an affected kernel)
 CVE-2010-4346 (The install_special_mapping function in mm/mmap.c in the Linux kernel ...)
+	{DSA-2153-1}
 	- linux-2.6 2.6.32-30
 CVE-2010-4345 (Exim 4.72 and earlier allows local users to gain privileges by ...)
+	{DSA-2154-1}
 	- exim4 4.72-3 (bug #606527)
 CVE-2010-4344 (Heap-based buffer overflow in the string_vformat function in string.c ...)
 	{DSA-2131-1}
@@ -2403,6 +2414,7 @@
 	- linux-2.6 2.6.32-30
 	[lenny] - linux-2.6 <not-affected> (Driver introduced in 2.6.32)
 CVE-2010-4342 (The aun_incoming function in net/econet/af_econet.c in the Linux ...)
+	{DSA-2153-1}
 	- linux-2.6 2.6.32-30
 CVE-2010-4341 (The pam_parse_in_data_v2 function in src/responder/pam/pamsrv_cmd.c in ...)
 	- sssd 1.2.1-4.1 (bug #610032)
@@ -2605,6 +2617,7 @@
 CVE-2010-4259 (Stack-based buffer overflow in FontForge 20100501 allows remote ...)
 	- fontforge 0.0.20100501-4 (bug #605537)
 CVE-2010-4258 (The do_exit function in kernel/exit.c in the Linux kernel before ...)
+	{DSA-2153-1}
 	- linux-2.6 2.6.32-29
 CVE-2010-4257 (SQL injection vulnerability in the do_trackbacks function in ...)
 	{DSA-2138-1}
@@ -2630,8 +2643,10 @@
 	RESERVED
 	- linux-2.6 <unfixed>
 CVE-2010-4249 (The wait_for_unix_gc function in net/unix/garbage.c in the Linux ...)
+	{DSA-2153-1}
 	- linux-2.6 2.6.32-30
 CVE-2010-4248 (Race condition in the __exit_signal function in kernel/exit.c in the ...)
+	{DSA-2153-1}
 	- linux-2.6 2.6.32-29 
 CVE-2010-4247 (The do_block_io_op function in (1) drivers/xen/blkback/blkback.c and ...)
 	- linux-2.6 <unfixed>
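Review bot: the context line under CVE-2010-4248, `- linux-2.6 2.6.32-29 `, ends in a trailing space (the CVE-2010-4242 line in the next hunk has the same). It is not introduced by this change, but since both entries are being touched this is a good moment to strip it so later diffs of these lines stay clean.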
@@ -2644,8 +2659,10 @@
 CVE-2010-4244
 	RESERVED
 CVE-2010-4243 (fs/exec.c in the Linux kernel before 2.6.37 does not enable the OOM ...)
+	{DSA-2153-1}
 	- linux-2.6 2.6.32-30
 CVE-2010-4242 (The hci_uart_tty_open function in the HCI UART driver ...)
+	{DSA-2153-1}
 	- linux-2.6 2.6.32-28 
 CVE-2010-4241
 	RESERVED
@@ -2851,8 +2868,10 @@
 	{DSA-2126-1}
 	- linux-2.6 2.6.32-28
 CVE-2010-4163 (The blk_rq_map_user_iov function in block/blk-map.c in the Linux ...)
+	{DSA-2153-1}
 	- linux-2.6 2.6.32-29
 CVE-2010-4162 (Multiple integer overflows in fs/bio.c in the Linux kernel before ...)
+	{DSA-2153-1}
 	- linux-2.6 2.6.32-29
 CVE-2010-4161 (The udp_queue_rcv_skb function in net/ipv4/udp.c in a certain Red Hat ...)
 	- linux-2.6 2.6.28-1 
@@ -2887,6 +2906,7 @@
 CVE-2010-4160 (Multiple integer overflows in the (1) pppol2tp_sendmsg function in ...)
 	- linux-2.6 <unfixed> (low)
 CVE-2010-4158 (The sk_run_filter function in net/core/filter.c in the Linux kernel ...)
+	{DSA-2153-1}
 	- linux-2.6 2.6.32-29 (low)
 CVE-2010-4157 (Integer overflow in the ioc_general function in drivers/scsi/gdth.c in ...)
 	- linux-2.6 2.6.32-28 (low)
@@ -3585,6 +3605,7 @@
 	- eglibc <unfixed> (bug #600667)
 	[squeeze] - eglibc 2.11.2-6+squeeze1
 CVE-2010-3855 (Buffer overflow in the ft_var_readpackedpoints function in ...)
+	{DSA-2155-1}
 	- freetype 2.4.2-2.1 (bug #602221)
 CVE-2010-3854 [unspecified cross-site scripting vulnerability in CouchDB]
 	RESERVED
@@ -3727,6 +3748,7 @@
 CVE-2010-3815
 	RESERVED
 CVE-2010-3814 (Heap-based buffer overflow in the Ins_SHZ function in ttinterp.c in ...)
+	{DSA-2155-1}
 	- freetype 2.4.2-2.1 (bug #602221)
 CVE-2010-3813 (The WebCore::HTMLLinkElement::process function in ...)
 	- webkit 1.2.6-1
@@ -4079,6 +4101,7 @@
 CVE-2010-3700 (VMware SpringSource Spring Security 2.x before 2.0.6 and 3.x before ...)
 	NOT-FOR-US: VMware SpringSource Spring Security
 CVE-2010-3699 (The backend driver in Xen 3.x allows guest OS users to cause a denial ...)
+	{DSA-2153-1}
 	- linux-2.6 2.6.32-31
 CVE-2010-3698 (The KVM implementation in the Linux kernel before 2.6.36 does not ...)
 	- linux-2.6 2.6.32-28
@@ -13409,6 +13432,7 @@
 	NOTE: The binary package kdm was built from kdebase in Lenny and from kdebase-workspace
 	NOTE: in KDE 4.x, i.e. Squeeze onwards
 CVE-2010-0435 (The Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise ...)
+	{DSA-2153-1}
 	- linux-2.6 2.6.32-29
 	- kvm <removed>
 CVE-2010-0434 (The ap_read_request function in server/protocol.c in the Apache HTTP ...)
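Review bot: the {DSA-2153-1} tag on CVE-2010-0435 lands on an entry that tracks two packages (`linux-2.6 2.6.32-29` and `kvm <removed>`) and whose description names the Red Hat hypervisor rather than the kernel. A NOTE line stating which package the advisory's fix applies to would remove the ambiguity; neighbouring entries already use NOTE lines for this kind of clarification.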



