[Secure-testing-commits] r16927 - in data: CVE DSA

Moritz Muehlenhoff jmm at alioth.debian.org
Wed Jul 13 06:47:25 UTC 2011 

Author: jmm
Date: 2011-07-13 06:47:24 +0000 (Wed, 13 Jul 2011)
New Revision: 16927

Modified:
   data/CVE/list
   data/DSA/list
Log:
libapache2-mod-authnz-external and libreoffice CVEfied


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2011-07-12 21:14:18 UTC (rev 16926)
+++ data/CVE/list	2011-07-13 06:47:24 UTC (rev 16927)
@@ -86,21 +86,23 @@
 	RESERVED
 CVE-2011-2689
 	RESERVED
-CVE-2011-2688
+CVE-2011-2688 [libapache2-mod-auth-external sql injection]
 	RESERVED
+	- libapache2-mod-authnz-external <unfixed> (medium; bug #633637)
 CVE-2011-2687
 	RESERVED
 CVE-2011-2686
 	RESERVED
-CVE-2011-2685
+CVE-2011-2685 [libreoffice lotus word pro filter, wrong object id cast ]
 	RESERVED
+	- libreoffice 1:3.3.3-1
+	- openoffice.org 1:3.3.0-1
+	[lenny] - openoffice.org <not-affected> (Vulnerable code not present)
+	NOTE: Since 3.3.0 openoffice.org is a transitional source package to migrate to libreoffice
 CVE-2011-2684
 	RESERVED
 CVE-2011-2683
 	RESERVED
-CVE-2011-XXXX [libapache2-mod-auth-external sql injection]
-	- libapache2-mod-authnz-external <unfixed> (medium; bug #633637)
-	NOTE: requested CVE id
 CVE-2010-4814 (SQL injection vulnerability in index1.php in Best Soft Inc. (BSI) ...)
 	NOT-FOR-US: Best Soft Inc.
 CVE-2010-4813 (Cross-site scripting (XSS) vulnerability in the Category Tokens module ...)
@@ -145,13 +147,6 @@
 	RESERVED
 CVE-2011-2668
 	RESERVED
-CVE-2011-XXXX [libreoffice lotus word pro filter, wrong object id cast ]
-	- libreoffice 1:3.3.3-1
-	- openoffice.org 1:3.3.0-1
-	[squeeze] - openoffice.org 1:3.2.1-11+squeeze3
-	[lenny] - openoffice.org <not-affected> (Vulnerable code not present)
-	NOTE: CVE id requested
-	NOTE: Since 3.3.0 openoffice.org is a transitional source package to migrate to libreoffice
 CVE-2011-2667
 	RESERVED
 CVE-2011-2666 (The default configuration of the SIP channel driver in Asterisk Open ...)

Modified: data/DSA/list
===================================================================
--- data/DSA/list	2011-07-12 21:14:18 UTC (rev 16926)
+++ data/DSA/list	2011-07-13 06:47:24 UTC (rev 16927)
@@ -11,6 +11,7 @@
 	[squeeze] - asterisk 1:1.6.2.9-2+squeeze3
 	[lenny] - asterisk 1:1.4.21.2~dfsg-3+lenny3
 [07 Jul 2011] DSA-2275-1 openoffice.org - buffer overflow
+	{CVE-2011-2685}
 	[squeeze] - openoffice.org 1:3.2.1-11+squeeze3
 	[lenny] - openoffice.org <not-affected> (Vulnerable code not present)
 [07 Jul 2011] DSA-2274-1 wireshark - multiple

More information about the Secure-testing-commits mailing list