[Secure-testing-commits] r16905 - data/CVE
Moritz Muehlenhoff
jmm at alioth.debian.org
Wed Jul 6 17:58:08 UTC 2011
Author: jmm
Date: 2011-07-06 17:58:08 +0000 (Wed, 06 Jul 2011)
New Revision: 16905
Modified:
data/CVE/list
Log:
new tomcat issue (no-dsa)
new issue in dotclear and liferay (ITPd)
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2011-07-06 16:48:14 UTC (rev 16904)
+++ data/CVE/list 2011-07-06 17:58:08 UTC (rev 16905)
@@ -1000,7 +1000,12 @@
[squeeze] - prosody <no-dsa> (Minor issue)
[lenny] - prosody <no-dsa> (Minor issue)
CVE-2011-2204 (Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before ...)
- TODO: check
+ - tomcat5.5 <removed> (low)
+ [lenny] - tomcat5.5 <no-dsa> (Minor issue)
+ - tomcat6 <unfixed> (low)
+ [lenny] - tomcat6 <no-dsa> (Minor issue)
+ [squeeze] - tomcat6 <no-dsa> (Minor issue)
+ - tomcat7 <unfixed>
CVE-2011-2201
RESERVED
CVE-2011-2200 (The _dbus_header_byteswap function in dbus-marshal-header.c in D-Bus ...)
@@ -1049,9 +1054,9 @@
CVE-2010-4805 (The socket implementation in net/core/sock.c in the Linux kernel ...)
- linux-2.6 2.6.34-1
CVE-2009-5077 (CRE Loaded before 6.2.14 allows remote attackers to bypass ...)
- TODO: check
+ NOT-FOR-US: CRE Loaded
CVE-2009-5076 (CRE Loaded before 6.2.14, and possibly other versions before 6.3.x, ...)
- TODO: check
+ NOT-FOR-US: CRE Loaded
CVE-2011-2477 (Multiple cross-site scripting (XSS) vulnerabilities in config.c in ...)
- icinga <undetermined>
NOTE: 1.4.1 is said to be fixed
@@ -2731,7 +2736,7 @@
- linux-2.6 <unfixed> (unimportant)
NOTE: an exploitation requires the ability to run mount.cifs w/ root privs
CVE-2011-1584 (The updateFile function in inc/core/class.dc.media.php in the Media ...)
- TODO: check
+ - dotclear <itp> (bug #570139)
CVE-2011-1583
RESERVED
CVE-2011-1582 (Apache Tomcat 7.0.12 and 7.0.13 processes the first request to a ...)
More information about the Secure-testing-commits
mailing list