[Secure-testing-commits] r17050 - in data: . CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Sat Jul 30 10:59:07 UTC 2011 

Author: jmm
Date: 2011-07-30 10:59:06 +0000 (Sat, 30 Jul 2011)
New Revision: 17050

Modified:
   data/CVE/list
   data/ospu-candidates.txt
   data/spu-candidates.txt
Log:
clamav/drupal CVEfied
"new" atop issue (no-dsa)


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2011-07-29 23:01:47 UTC (rev 17049)
+++ data/CVE/list	2011-07-30 10:59:06 UTC (rev 17050)
@@ -1,3 +1,7 @@
+CVE-2011-XXXX [atop insecure tempfile handling]
+	- atop <unfixed> (low; bug #622794)
+	[lenny] - atop <no-dsa> (Minor issue)
+	[squeeze] - atop <no-dsa> (Minor issue)
 CVE-2011-2958 (Multiple cross-site scripting (XSS) vulnerabilities in Ecava ...)
 	NOT-FOR-US: Ecava IntegraXor
 CVE-2011-2957 (Unspecified vulnerability in Rockwell Automation FactoryTalk ...)
@@ -4,8 +8,6 @@
 	NOT-FOR-US: Rockwell Automation FactoryTalk Diagnostics Viewer
 CVE-2011-2956 (AzeoTech DAQFactory before 5.85 (Build 1842) does not perform ...)
 	NOT-FOR-US: AzeoTech DAQFactory
-CVE-2011-XXXX [clamav: off-by-one]
-	- clamav 0.97.2+dfsg-1 (bug #635599)
 CVE-2011-XXXX [rtkit: failure to drop supplemental groups]
 	- rtkit 0.10-2
 CVE-2011-XXXX [minissdpd multiple issues]
@@ -154,8 +156,6 @@
 	NOT-FOR-US: IBM Lotus Symphony
 CVE-2011-2884 (Multiple unspecified vulnerabilities in IBM Lotus Symphony 3 before ...)
 	NOT-FOR-US: IBM Lotus Symphony
-CVE-2011-XXXX [SA-CORE-2011-003]
-	- drupal7 7.6-1
 CVE-2011-XXXX [ark directory traversal]
 	- kdeutils <unfixed> (bug #635541)
 CVE-2011-2883 (The NSEPA.NsepaCtrl.1 ActiveX control in nsepa.ocx in Citrix Access ...)
@@ -479,8 +479,9 @@
 	RESERVED
 CVE-2011-2727
 	RESERVED
-CVE-2011-2726
+CVE-2011-2726 [SA-CORE-2011-003]
 	RESERVED
+	- drupal7 7.6-1
 CVE-2011-2725
 	RESERVED
 CVE-2011-2724
@@ -490,8 +491,9 @@
 CVE-2011-2722
 	RESERVED
 	- hplip <unfixed> (bug #635549; low)
-CVE-2011-2721
+CVE-2011-2721 [clamav: off-by-one]
 	RESERVED
+	- clamav 0.97.2+dfsg-1 (bug #635599)
 CVE-2011-2720 [glpi: Insufficient blacklist]
 	RESERVED
 	- glpi <unfixed> (bug #635544; unimportant)

Modified: data/ospu-candidates.txt
===================================================================
--- data/ospu-candidates.txt	2011-07-29 23:01:47 UTC (rev 17049)
+++ data/ospu-candidates.txt	2011-07-30 10:59:06 UTC (rev 17050)
@@ -35,6 +35,11 @@
 
 --
 
+atop (CVE-2011-XXXX)
+#622794
+
+--
+
 babel (CVE-2009-3736)
 #559843
 notified maintainer

Modified: data/spu-candidates.txt
===================================================================
--- data/spu-candidates.txt	2011-07-29 23:01:47 UTC (rev 17049)
+++ data/spu-candidates.txt	2011-07-30 10:59:06 UTC (rev 17050)
@@ -15,6 +15,11 @@
 
 --
 
+atop (CVE-2011-XXXX)
+#622794
+
+--
+
 conky (CVE-2011-XXXX)
 #612033
 waiting unstable

More information about the Secure-testing-commits mailing list