[Secure-testing-commits] r16758 - data/CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Fri Jun 3 07:59:50 UTC 2011 

Author: jmm
Date: 2011-06-03 07:59:50 +0000 (Fri, 03 Jun 2011)
New Revision: 16758

Modified:
   data/CVE/list
Log:
new libvirt issue (FD, please file a bug)
NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2011-06-03 06:02:21 UTC (rev 16757)
+++ data/CVE/list	2011-06-03 07:59:50 UTC (rev 16758)
@@ -1,3 +1,9 @@
+CVE-2011-2178 [libvirt regression]
+	- libvirt <unfixed> 
+	[squeeze] - libvirt <not-affected> (Introduced in 0.8.8)
+	[lenny] - libvirt <not-affected> (Introduced in 0.8.8)
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=709769
+	NOTE: https://www.redhat.com/archives/libvir-list/2011-May/msg01935.html
 CVE-2011-2216 [AST 2011-007]
 	- asterisk <unfixed> 
 	[lenny] - asterisk <not-affected> (Only affects 1.8)
@@ -707,7 +713,6 @@
 	- fglrx-driver <unfixed> (low; bug #625868)
 	[squeeze] - fglrx-driver <no-dsa> (Non-free not supported)
 	[lenny] - fglrx-driver <no-dsa> (Non-free not supported)
-	TODO: check lenny/squeeze
 CVE-2011-XXXX
 	- openssh <not-affected> (Only affects platforms w/o /dev/random)
 	NOTE: http://www.openssh.com/txt/portable-keysign-rand-helper.adv
@@ -769,11 +774,11 @@
 CVE-2011-1846 (IBM DB2 9.5 before FP7 and 9.7 before FP4 on Linux, UNIX, and Windows ...)
 	NOT-FOR-US: IBM DB2 9.5
 CVE-2011-1845 (Multiple memory leaks in the DataGrid control implementation in ...)
-	TODO: check
+	NOT-FOR-US: Silverlight
 CVE-2011-1844 (Memory leak in Microsoft Silverlight 4 before 4.0.60310.0 allows ...)
-	TODO: check
+	NOT-FOR-US: Silverlight
 CVE-2011-1843 (Integer overflow in conf.c in Tinyproxy before 1.8.3 might allow ...)
-	TODO: check
+	- tinyproxy <unfixed> (bug #627503)
 CVE-2011-1842 (dbus_backend/lsd.py in the D-Bus backend in language-selector before ...)
 	NOT-FOR-US: Ubuntu-specific language-selector package
 CVE-2011-1841 (Cross-site scripting (XSS) vulnerability in the link_to helper in ...)
@@ -783,7 +788,7 @@
 CVE-2011-1839 (IBM Rational Build Forge 7.1.0 uses the HTTP GET method during ...)
 	NOT-FOR-US: IBM Rational Build Forge 7.1.0
 CVE-2011-1838 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
-	TODO: check
+	NOT-FOR-US: TWiki
 CVE-2011-1837
 	RESERVED
 CVE-2011-1836
@@ -1113,7 +1118,7 @@
 CVE-2011-1740
 	RESERVED
 CVE-2011-1739 (The makemask function in mountd.c in mountd in FreeBSD 7.4 through 8.2 ...)
-	TODO: check
+	NOT-FOR-US: FreeBSD mountd
 CVE-2011-1738 (HP Palm webOS 1.4.5 and 1.4.5.1 does not properly restrict Plug-in ...)
 	NOT-FOR-US: HP Palm webOS
 CVE-2011-1737 (Multiple cross-site scripting (XSS) vulnerabilities in the Email ...)

More information about the Secure-testing-commits mailing list