[Secure-testing-commits] r16964 - data/CVE
Moritz Muehlenhoff
jmm at alioth.debian.org
Thu Jul 21 14:51:41 UTC 2011
Author: jmm
Date: 2011-07-21 14:51:40 +0000 (Thu, 21 Jul 2011)
New Revision: 16964
Modified:
data/CVE/list
Log:
new kernel issue (nfu)
filed bugs for rails and tomcat, tomcat5.5 also affected
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2011-07-21 10:49:15 UTC (rev 16963)
+++ data/CVE/list 2011-07-21 14:51:40 UTC (rev 16964)
@@ -146,6 +146,7 @@
RESERVED
CVE-2011-2707
RESERVED
+ - linux-2.6 <not-affected> (xtensa arch not used in Debian)
CVE-2011-2706
RESERVED
CVE-2011-2705
@@ -593,11 +594,9 @@
- qemu-kvm 0.14.1+dfsg-3 (bug #633669)
- kvm <not-affected> (Vulnerable code not present)
CVE-2011-2526 (Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before ...)
- - tomcat6 <undetermined>
- - tomcat7 <undetermined>
- NOTE: tomcat6 likely affected. sid: 6.0.32-5, fixed-upstream: 6.0.33
- NOTE: tomcat7 likely affected. sid: 7.0.16-3, fixed-upstream: 7.0.19
- TODO: check further packages
+ - tomcat6 <unfixed> (bug #634992)
+ - tomcat7 <unfixed> (bug #634992)
+ - tomcat5.5 <removed> (bug #634992)
CVE-2011-2525
RESERVED
- linux-2.6 2.6.35-1
@@ -1349,7 +1348,7 @@
[squeeze] - dbus 1.2.24-4+squeeze1
[lenny] - dbus <no-dsa> (Minor issue)
CVE-2011-2197 (The cross-site scripting (XSS) prevention feature in Ruby on Rails 2.x ...)
- - rails <undetermined>
+ - rails <unfixed> (bug #634990)
NOTE: likely affected since sid is < 2.3.12
CVE-2011-2196
RESERVED
More information about the Secure-testing-commits
mailing list