[Secure-testing-commits] r17046 - data/CVE

Fri Jul 29 21:14:18 UTC 2011

Author: joeyh
Date: 2011-07-29 21:14:17 +0000 (Fri, 29 Jul 2011)
New Revision: 17046

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2011-07-29 19:19:08 UTC (rev 17045)
+++ data/CVE/list	2011-07-29 21:14:17 UTC (rev 17046)
@@ -1,3 +1,9 @@
+CVE-2011-2958 (Multiple cross-site scripting (XSS) vulnerabilities in Ecava ...)
+	TODO: check
+CVE-2011-2957 (Unspecified vulnerability in Rockwell Automation FactoryTalk ...)
+	TODO: check
+CVE-2011-2956 (AzeoTech DAQFactory before 5.85 (Build 1842) does not perform ...)
+	TODO: check
 CVE-2011-XXXX [clamav: off-by-one]
 	- clamav 0.97.2+dfsg-1 (bug #635599)
 CVE-2011-XXXX [rtkit: failure to drop supplemental groups]
@@ -431,8 +437,8 @@
 	RESERVED
 CVE-2011-2748
 	RESERVED
-CVE-2011-2747
-	RESERVED
+CVE-2011-2747 (Google Picasa before 3.6 Build 105.67 does not properly handle invalid ...)
+	TODO: check
 CVE-2011-2746
 	RESERVED
 CVE-2011-2745 (upload_handler.php in the swfupload extension in Chyrp 2.0 and earlier ...)
@@ -564,8 +570,8 @@
 CVE-2011-2696 (Integer overflow in libsndfile before 1.0.25 allows remote attackers ...)
 	{DSA-2288-1}
 	- libsndfile 1.0.25-1 
-CVE-2011-2695
-	RESERVED
+CVE-2011-2695 (Multiple off-by-one errors in the ext4 subsystem in the Linux kernel ...)
+	TODO: check
 CVE-2011-2694 [Samba SWAT XSS]
 	RESERVED
 	- samba 2:3.5.10~dfsg-1 (low)
@@ -580,11 +586,9 @@
 CVE-2011-2690 (Buffer overflow in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, ...)
 	{DSA-2287-1}
 	- libpng 1.2.46-1 (high; bug #633871)
-CVE-2011-2689
-	RESERVED
+CVE-2011-2689 (The gfs2_fallocate function in fs/gfs2/file.c in the Linux kernel ...)
 	- linux-2.6 3.0.0-1
-CVE-2011-2688 [libapache2-mod-auth-external sql injection]
-	RESERVED
+CVE-2011-2688 (SQL injection vulnerability in mysql/mysql-auth.pl in the ...)
 	{DSA-2279-1}
 	- libapache2-mod-authnz-external 3.2.4-2.1 (medium; bug #633637)
 CVE-2011-2687 (Drupal 7.x before 7.3 allows remote attackers to bypass intended ...)
@@ -654,8 +658,8 @@
 	RESERVED
 CVE-2011-2668
 	RESERVED
-CVE-2011-2667
-	RESERVED
+CVE-2011-2667 (Icihttp.exe in CA Gateway Security for HTTP, as used in CA Gateway ...)
+	TODO: check
 CVE-2011-2666 (The default configuration of the SIP channel driver in Asterisk Open ...)
 	- asterisk <undetermined>
 CVE-2011-2665 (reqresp_parser.c in the SIP channel driver in Asterisk Open Source ...)
@@ -928,14 +932,14 @@
 	RESERVED
 CVE-2011-2550
 	RESERVED
-CVE-2011-2549
-	RESERVED
+CVE-2011-2549 (Unspecified vulnerability in Cisco IOS XR 4.1.x before 4.1.1 on Cisco ...)
+	TODO: check
 CVE-2011-2548
 	RESERVED
-CVE-2011-2547
-	RESERVED
-CVE-2011-2546
-	RESERVED
+CVE-2011-2547 (The web-based management interface on Cisco SA 500 series security ...)
+	TODO: check
+CVE-2011-2546 (SQL injection vulnerability in the web-based management interface on ...)
+	TODO: check
 CVE-2011-2545
 	RESERVED
 CVE-2011-2544
@@ -1106,8 +1110,7 @@
 CVE-2011-2493
 	RESERVED
 	- linux-2.6 2.6.39-1 (low)
-CVE-2011-2492
-	RESERVED
+CVE-2011-2492 (The bluetooth subsystem in the Linux kernel before 3.0-rc4 does not ...)
 	- linux-2.6 3.0.0-1 (low)
 CVE-2011-2491
 	RESERVED
@@ -4268,8 +4271,8 @@
 	RESERVED
 CVE-2011-1340
 	RESERVED
-CVE-2011-1339
-	RESERVED
+CVE-2011-1339 (Cross-site scripting (XSS) vulnerability in Google Search Appliance ...)
+	TODO: check
 CVE-2011-1338 (Untrusted search path vulnerability in XnView before 1.98.1 allows ...)
 	NOT-FOR-US: XnView
 CVE-2011-1337 (Opera before 11.50 allows remote attackers to cause a denial of ...)
@@ -27633,6 +27636,7 @@
 	[etch] - wordpress <not-affected> (Vulnerable code not present)
 	NOTE: not really a security issue in my opinion, just an annoying bug
 CVE-2008-7291 [gri: insecure temp file generation]
+	RESERVED
 	- gri 2.12.18-1 (low)
 	[etch] - gri <no-dsa> (Minor issue)
 	[lenny] - gri <no-dsa> (Minor issue)


