[Secure-testing-commits] r17046 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Fri Jul 29 21:14:18 UTC 2011
Author: joeyh
Date: 2011-07-29 21:14:17 +0000 (Fri, 29 Jul 2011)
New Revision: 17046
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2011-07-29 19:19:08 UTC (rev 17045)
+++ data/CVE/list 2011-07-29 21:14:17 UTC (rev 17046)
@@ -1,3 +1,9 @@
+CVE-2011-2958 (Multiple cross-site scripting (XSS) vulnerabilities in Ecava ...)
+ TODO: check
+CVE-2011-2957 (Unspecified vulnerability in Rockwell Automation FactoryTalk ...)
+ TODO: check
+CVE-2011-2956 (AzeoTech DAQFactory before 5.85 (Build 1842) does not perform ...)
+ TODO: check
CVE-2011-XXXX [clamav: off-by-one]
- clamav 0.97.2+dfsg-1 (bug #635599)
CVE-2011-XXXX [rtkit: failure to drop supplemental groups]
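Review bot: the three entries added at the top (CVE-2011-2958, CVE-2011-2957, CVE-2011-2956) stop at `TODO: check`, so none of them has a triage result yet. The descriptions name Ecava, Rockwell Automation FactoryTalk and AzeoTech DAQFactory; if none of these is packaged, resolve each TODO with a `NOT-FOR-US:` line in the same form as the existing `NOT-FOR-US: XnView` entry, otherwise add the affected package line.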
@@ -431,8 +437,8 @@
RESERVED
CVE-2011-2748
RESERVED
-CVE-2011-2747
- RESERVED
+CVE-2011-2747 (Google Picasa before 3.6 Build 105.67 does not properly handle invalid ...)
+ TODO: check
CVE-2011-2746
RESERVED
CVE-2011-2745 (upload_handler.php in the swfupload extension in Chyrp 2.0 and earlier ...)
@@ -564,8 +570,8 @@
CVE-2011-2696 (Integer overflow in libsndfile before 1.0.25 allows remote attackers ...)
{DSA-2288-1}
- libsndfile 1.0.25-1
-CVE-2011-2695
- RESERVED
+CVE-2011-2695 (Multiple off-by-one errors in the ext4 subsystem in the Linux kernel ...)
+ TODO: check
CVE-2011-2694 [Samba SWAT XSS]
RESERVED
- samba 2:3.5.10~dfsg-1 (low)
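Review bot: CVE-2011-2695 is described as off-by-one errors in the ext4 subsystem of the Linux kernel, yet the new entry has only `TODO: check` and no package line, so the kernel is not tracked for this id. Replace the TODO with a `- linux-2.6` line stating the fixed version or the unfixed state, as the other kernel entries in this file (CVE-2011-2689, CVE-2011-2492) already do.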
@@ -580,11 +586,9 @@
CVE-2011-2690 (Buffer overflow in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, ...)
{DSA-2287-1}
- libpng 1.2.46-1 (high; bug #633871)
-CVE-2011-2689
- RESERVED
+CVE-2011-2689 (The gfs2_fallocate function in fs/gfs2/file.c in the Linux kernel ...)
- linux-2.6 3.0.0-1
-CVE-2011-2688 [libapache2-mod-auth-external sql injection]
- RESERVED
+CVE-2011-2688 (SQL injection vulnerability in mysql/mysql-auth.pl in the ...)
{DSA-2279-1}
- libapache2-mod-authnz-external 3.2.4-2.1 (medium; bug #633637)
CVE-2011-2687 (Drupal 7.x before 7.3 allows remote attackers to bypass intended ...)
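Review bot: under the new CVE-2011-2689 description, the retained line `- linux-2.6 3.0.0-1` carries no urgency or bug reference, unlike the neighbouring `libpng 1.2.46-1 (high; bug #633871)` and `libapache2-mod-authnz-external 3.2.4-2.1 (medium; bug #633637)` lines. Now that the description identifies the gfs2_fallocate function in fs/gfs2/file.c, add an urgency so the entry can be prioritised alongside its neighbours.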
@@ -654,8 +658,8 @@
RESERVED
CVE-2011-2668
RESERVED
-CVE-2011-2667
- RESERVED
+CVE-2011-2667 (Icihttp.exe in CA Gateway Security for HTTP, as used in CA Gateway ...)
+ TODO: check
CVE-2011-2666 (The default configuration of the SIP channel driver in Asterisk Open ...)
- asterisk <undetermined>
CVE-2011-2665 (reqresp_parser.c in the SIP channel driver in Asterisk Open Source ...)
@@ -928,14 +932,14 @@
RESERVED
CVE-2011-2550
RESERVED
-CVE-2011-2549
- RESERVED
+CVE-2011-2549 (Unspecified vulnerability in Cisco IOS XR 4.1.x before 4.1.1 on Cisco ...)
+ TODO: check
CVE-2011-2548
RESERVED
-CVE-2011-2547
- RESERVED
-CVE-2011-2546
- RESERVED
+CVE-2011-2547 (The web-based management interface on Cisco SA 500 series security ...)
+ TODO: check
+CVE-2011-2546 (SQL injection vulnerability in the web-based management interface on ...)
+ TODO: check
CVE-2011-2545
RESERVED
CVE-2011-2544
@@ -1106,8 +1110,7 @@
CVE-2011-2493
RESERVED
- linux-2.6 2.6.39-1 (low)
-CVE-2011-2492
- RESERVED
+CVE-2011-2492 (The bluetooth subsystem in the Linux kernel before 3.0-rc4 does not ...)
- linux-2.6 3.0.0-1 (low)
CVE-2011-2491
RESERVED
@@ -4268,8 +4271,8 @@
RESERVED
CVE-2011-1340
RESERVED
-CVE-2011-1339
- RESERVED
+CVE-2011-1339 (Cross-site scripting (XSS) vulnerability in Google Search Appliance ...)
+ TODO: check
CVE-2011-1338 (Untrusted search path vulnerability in XnView before 1.98.1 allows ...)
NOT-FOR-US: XnView
CVE-2011-1337 (Opera before 11.50 allows remote attackers to cause a denial of ...)
@@ -27633,6 +27636,7 @@
[etch] - wordpress <not-affected> (Vulnerable code not present)
NOTE: not really a security issue in my opinion, just an annoying bug
CVE-2008-7291 [gri: insecure temp file generation]
+ RESERVED
- gri 2.12.18-1 (low)
[etch] - gri <no-dsa> (Minor issue)
[lenny] - gri <no-dsa> (Minor issue)
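Review bot: the `RESERVED` line added under CVE-2008-7291 leaves the hand-written title `[gri: insecure temp file generation]` and the package lines as the only record of what this id covers, and the visible lines give no reference for the assignment. Add a `NOTE:` line pointing to the bug report or announcement that ties this id to the gri issue, so the mapping can be verified until a published description replaces the bracketed title.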