[Secure-testing-commits] r16825 - data/CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Mon Jun 20 21:52:37 UTC 2011


Author: jmm
Date: 2011-06-20 21:52:37 +0000 (Mon, 20 Jun 2011)
New Revision: 16825

Modified:
   data/CVE/list
Log:
update CVE list. The old update cronjob run by Joey Hess seems
to have lost in the Alioth transition. I'll wire this up as a
cron job soon.


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2011-06-20 18:28:01 UTC (rev 16824)
+++ data/CVE/list	2011-06-20 21:52:37 UTC (rev 16825)
@@ -1,4 +1,650 @@
-CVE-2011-2477 (Multiple cross-site scripting (XSS) vulnerabilities in config.c in config.cgi in Icinga ...)
+CVE-2011-2529
+	RESERVED
+CVE-2011-2528
+	RESERVED
+CVE-2011-2527
+	RESERVED
+CVE-2011-2526
+	RESERVED
+CVE-2011-2525
+	RESERVED
+CVE-2011-2524
+	RESERVED
+CVE-2011-2523
+	RESERVED
+CVE-2011-2522
+	RESERVED
+CVE-2011-2521
+	RESERVED
+CVE-2011-2520
+	RESERVED
+CVE-2011-2519
+	RESERVED
+CVE-2011-2518
+	RESERVED
+CVE-2011-2517
+	RESERVED
+CVE-2011-2516
+	RESERVED
+CVE-2011-2515
+	RESERVED
+CVE-2011-2514
+	RESERVED
+CVE-2011-2513
+	RESERVED
+CVE-2011-2512
+	RESERVED
+CVE-2011-2511
+	RESERVED
+CVE-2011-2510
+	RESERVED
+CVE-2011-2509
+	RESERVED
+CVE-2011-2508
+	RESERVED
+CVE-2011-2507
+	RESERVED
+CVE-2011-2506
+	RESERVED
+CVE-2011-2505
+	RESERVED
+CVE-2011-2504
+	RESERVED
+CVE-2011-2503
+	RESERVED
+CVE-2011-2502
+	RESERVED
+CVE-2011-2501
+	RESERVED
+CVE-2011-2500
+	RESERVED
+CVE-2011-2499
+	RESERVED
+CVE-2011-2498
+	RESERVED
+CVE-2011-2497
+	RESERVED
+CVE-2011-2496
+	RESERVED
+CVE-2011-2495
+	RESERVED
+CVE-2011-2494
+	RESERVED
+CVE-2011-2493
+	RESERVED
+CVE-2011-2492
+	RESERVED
+CVE-2011-2491
+	RESERVED
+CVE-2011-2490
+	RESERVED
+CVE-2011-2489
+	RESERVED
+CVE-2011-2488
+	RESERVED
+CVE-2011-2487
+	RESERVED
+CVE-2011-2486
+	RESERVED
+CVE-2011-2485
+	RESERVED
+CVE-2011-2484
+	RESERVED
+CVE-2011-2483
+	RESERVED
+CVE-2011-2482
+	RESERVED
+CVE-2011-2481
+	RESERVED
+CVE-2011-2480
+	RESERVED
+CVE-2011-2479
+	RESERVED
+CVE-2011-2478
+	RESERVED
+CVE-2011-2470
+	RESERVED
+CVE-2011-2469
+	RESERVED
+CVE-2011-2467
+	RESERVED
+CVE-2011-2466
+	RESERVED
+CVE-2011-2465
+	RESERVED
+CVE-2011-2464
+	RESERVED
+CVE-2011-2463
+	RESERVED
+CVE-2011-2462
+	RESERVED
+CVE-2011-2461
+	RESERVED
+CVE-2011-2460
+	RESERVED
+CVE-2011-2459
+	RESERVED
+CVE-2011-2458
+	RESERVED
+CVE-2011-2457
+	RESERVED
+CVE-2011-2456
+	RESERVED
+CVE-2011-2455
+	RESERVED
+CVE-2011-2454
+	RESERVED
+CVE-2011-2453
+	RESERVED
+CVE-2011-2452
+	RESERVED
+CVE-2011-2451
+	RESERVED
+CVE-2011-2450
+	RESERVED
+CVE-2011-2449
+	RESERVED
+CVE-2011-2448
+	RESERVED
+CVE-2011-2447
+	RESERVED
+CVE-2011-2446
+	RESERVED
+CVE-2011-2445
+	RESERVED
+CVE-2011-2444
+	RESERVED
+CVE-2011-2443
+	RESERVED
+CVE-2011-2442
+	RESERVED
+CVE-2011-2441
+	RESERVED
+CVE-2011-2440
+	RESERVED
+CVE-2011-2439
+	RESERVED
+CVE-2011-2438
+	RESERVED
+CVE-2011-2437
+	RESERVED
+CVE-2011-2436
+	RESERVED
+CVE-2011-2435
+	RESERVED
+CVE-2011-2434
+	RESERVED
+CVE-2011-2433
+	RESERVED
+CVE-2011-2432
+	RESERVED
+CVE-2011-2431
+	RESERVED
+CVE-2011-2430
+	RESERVED
+CVE-2011-2429
+	RESERVED
+CVE-2011-2428
+	RESERVED
+CVE-2011-2427
+	RESERVED
+CVE-2011-2426
+	RESERVED
+CVE-2011-2425
+	RESERVED
+CVE-2011-2424
+	RESERVED
+CVE-2011-2423
+	RESERVED
+CVE-2011-2422
+	RESERVED
+CVE-2011-2421
+	RESERVED
+CVE-2011-2420
+	RESERVED
+CVE-2011-2419
+	RESERVED
+CVE-2011-2418
+	RESERVED
+CVE-2011-2417
+	RESERVED
+CVE-2011-2416
+	RESERVED
+CVE-2011-2415
+	RESERVED
+CVE-2011-2414
+	RESERVED
+CVE-2011-2413
+	RESERVED
+CVE-2011-2412
+	RESERVED
+CVE-2011-2411
+	RESERVED
+CVE-2011-2410
+	RESERVED
+CVE-2011-2409
+	RESERVED
+CVE-2011-2408
+	RESERVED
+CVE-2011-2407
+	RESERVED
+CVE-2011-2406
+	RESERVED
+CVE-2011-2405
+	RESERVED
+CVE-2011-2404
+	RESERVED
+CVE-2011-2403
+	RESERVED
+CVE-2011-2402
+	RESERVED
+CVE-2011-2401
+	RESERVED
+CVE-2011-2400
+	RESERVED
+CVE-2011-2399
+	RESERVED
+CVE-2011-2398
+	RESERVED
+CVE-2011-2397
+	RESERVED
+CVE-2011-2396
+	RESERVED
+CVE-2011-2394
+	RESERVED
+CVE-2011-2393
+	RESERVED
+CVE-2011-2392
+	RESERVED
+CVE-2011-2391
+	RESERVED
+CVE-2011-2390
+	RESERVED
+CVE-2011-2389
+	RESERVED
+CVE-2011-2388
+	RESERVED
+CVE-2011-2387
+	RESERVED
+CVE-2011-2386 (VisiWaveReport.exe in AZO Technologies, Inc. VisiWave Site Survey ...)
+	TODO: check
+CVE-2011-2385
+	RESERVED
+CVE-2011-2384
+	RESERVED
+CVE-2011-2381
+	RESERVED
+CVE-2011-2380
+	RESERVED
+CVE-2011-2379
+	RESERVED
+CVE-2011-2378
+	RESERVED
+CVE-2011-2377
+	RESERVED
+CVE-2011-2376
+	RESERVED
+CVE-2011-2375
+	RESERVED
+CVE-2011-2374
+	RESERVED
+CVE-2011-2373
+	RESERVED
+CVE-2011-2372
+	RESERVED
+CVE-2011-2371
+	RESERVED
+CVE-2011-2370
+	RESERVED
+CVE-2011-2369
+	RESERVED
+CVE-2011-2368
+	RESERVED
+CVE-2011-2367
+	RESERVED
+CVE-2011-2366
+	RESERVED
+CVE-2011-2365
+	RESERVED
+CVE-2011-2364
+	RESERVED
+CVE-2011-2363
+	RESERVED
+CVE-2011-2362
+	RESERVED
+CVE-2011-2361
+	RESERVED
+CVE-2011-2360
+	RESERVED
+CVE-2011-2359
+	RESERVED
+CVE-2011-2358
+	RESERVED
+CVE-2011-2357
+	RESERVED
+CVE-2011-2356
+	RESERVED
+CVE-2011-2355
+	RESERVED
+CVE-2011-2354
+	RESERVED
+CVE-2011-2353
+	RESERVED
+CVE-2011-2352
+	RESERVED
+CVE-2011-2351
+	RESERVED
+CVE-2011-2350
+	RESERVED
+CVE-2011-2349
+	RESERVED
+CVE-2011-2348
+	RESERVED
+CVE-2011-2347
+	RESERVED
+CVE-2011-2346
+	RESERVED
+CVE-2011-2345
+	RESERVED
+CVE-2011-2344
+	RESERVED
+CVE-2011-2343
+	RESERVED
+CVE-2011-2341
+	RESERVED
+CVE-2011-2340
+	RESERVED
+CVE-2011-2339
+	RESERVED
+CVE-2011-2338
+	RESERVED
+CVE-2011-2337
+	RESERVED
+CVE-2011-2336
+	RESERVED
+CVE-2011-2335
+	RESERVED
+CVE-2011-2334
+	RESERVED
+CVE-2011-2333
+	RESERVED
+CVE-2011-2329 (The rampart_timestamp_token_validate function in ...)
+	TODO: check
+CVE-2011-2327
+	RESERVED
+CVE-2011-2326
+	RESERVED
+CVE-2011-2325
+	RESERVED
+CVE-2011-2324
+	RESERVED
+CVE-2011-2323
+	RESERVED
+CVE-2011-2322
+	RESERVED
+CVE-2011-2321
+	RESERVED
+CVE-2011-2320
+	RESERVED
+CVE-2011-2319
+	RESERVED
+CVE-2011-2318
+	RESERVED
+CVE-2011-2317
+	RESERVED
+CVE-2011-2316
+	RESERVED
+CVE-2011-2315
+	RESERVED
+CVE-2011-2314
+	RESERVED
+CVE-2011-2313
+	RESERVED
+CVE-2011-2312
+	RESERVED
+CVE-2011-2311
+	RESERVED
+CVE-2011-2310
+	RESERVED
+CVE-2011-2309
+	RESERVED
+CVE-2011-2308
+	RESERVED
+CVE-2011-2307
+	RESERVED
+CVE-2011-2306
+	RESERVED
+CVE-2011-2305
+	RESERVED
+CVE-2011-2304
+	RESERVED
+CVE-2011-2303
+	RESERVED
+CVE-2011-2302
+	RESERVED
+CVE-2011-2301
+	RESERVED
+CVE-2011-2300
+	RESERVED
+CVE-2011-2299
+	RESERVED
+CVE-2011-2298
+	RESERVED
+CVE-2011-2297
+	RESERVED
+CVE-2011-2296
+	RESERVED
+CVE-2011-2295
+	RESERVED
+CVE-2011-2294
+	RESERVED
+CVE-2011-2293
+	RESERVED
+CVE-2011-2292
+	RESERVED
+CVE-2011-2291
+	RESERVED
+CVE-2011-2290
+	RESERVED
+CVE-2011-2289
+	RESERVED
+CVE-2011-2288
+	RESERVED
+CVE-2011-2287
+	RESERVED
+CVE-2011-2286
+	RESERVED
+CVE-2011-2285
+	RESERVED
+CVE-2011-2284
+	RESERVED
+CVE-2011-2283
+	RESERVED
+CVE-2011-2282
+	RESERVED
+CVE-2011-2281
+	RESERVED
+CVE-2011-2280
+	RESERVED
+CVE-2011-2279
+	RESERVED
+CVE-2011-2278
+	RESERVED
+CVE-2011-2277
+	RESERVED
+CVE-2011-2276
+	RESERVED
+CVE-2011-2275
+	RESERVED
+CVE-2011-2274
+	RESERVED
+CVE-2011-2273
+	RESERVED
+CVE-2011-2272
+	RESERVED
+CVE-2011-2271
+	RESERVED
+CVE-2011-2270
+	RESERVED
+CVE-2011-2269
+	RESERVED
+CVE-2011-2268
+	RESERVED
+CVE-2011-2267
+	RESERVED
+CVE-2011-2266
+	RESERVED
+CVE-2011-2265
+	RESERVED
+CVE-2011-2264
+	RESERVED
+CVE-2011-2263
+	RESERVED
+CVE-2011-2262
+	RESERVED
+CVE-2011-2261
+	RESERVED
+CVE-2011-2260
+	RESERVED
+CVE-2011-2259
+	RESERVED
+CVE-2011-2258
+	RESERVED
+CVE-2011-2257
+	RESERVED
+CVE-2011-2256
+	RESERVED
+CVE-2011-2255
+	RESERVED
+CVE-2011-2254
+	RESERVED
+CVE-2011-2253
+	RESERVED
+CVE-2011-2252
+	RESERVED
+CVE-2011-2251
+	RESERVED
+CVE-2011-2250
+	RESERVED
+CVE-2011-2249
+	RESERVED
+CVE-2011-2248
+	RESERVED
+CVE-2011-2247
+	RESERVED
+CVE-2011-2246
+	RESERVED
+CVE-2011-2245
+	RESERVED
+CVE-2011-2244
+	RESERVED
+CVE-2011-2243
+	RESERVED
+CVE-2011-2242
+	RESERVED
+CVE-2011-2241
+	RESERVED
+CVE-2011-2240
+	RESERVED
+CVE-2011-2239
+	RESERVED
+CVE-2011-2238
+	RESERVED
+CVE-2011-2237
+	RESERVED
+CVE-2011-2236
+	RESERVED
+CVE-2011-2235
+	RESERVED
+CVE-2011-2234
+	RESERVED
+CVE-2011-2233
+	RESERVED
+CVE-2011-2232
+	RESERVED
+CVE-2011-2231
+	RESERVED
+CVE-2011-2230
+	RESERVED
+CVE-2011-2229
+	RESERVED
+CVE-2011-2228
+	RESERVED
+CVE-2011-2227
+	RESERVED
+CVE-2011-2226
+	RESERVED
+CVE-2011-2225
+	RESERVED
+CVE-2011-2224
+	RESERVED
+CVE-2011-2223
+	RESERVED
+CVE-2011-2222
+	RESERVED
+CVE-2011-2221
+	RESERVED
+CVE-2011-2220
+	RESERVED
+CVE-2011-2219
+	RESERVED
+CVE-2011-2218
+	RESERVED
+CVE-2011-2217 (Certain ActiveX controls in (1) tsgetxu71ex552.dll and (2) ...)
+	TODO: check
+CVE-2011-2213
+	RESERVED
+CVE-2011-2212
+	RESERVED
+CVE-2011-2207
+	RESERVED
+CVE-2011-2206
+	RESERVED
+CVE-2011-2205
+	RESERVED
+CVE-2011-2204
+	RESERVED
+CVE-2011-2201
+	RESERVED
+CVE-2011-2200
+	RESERVED
+CVE-2011-2197
+	RESERVED
+CVE-2011-2196
+	RESERVED
+CVE-2011-2195
+	RESERVED
+CVE-2011-2193
+	RESERVED
+CVE-2011-2192
+	RESERVED
+CVE-2011-2191
+	RESERVED
+CVE-2011-2189
+	RESERVED
+CVE-2011-2187
+	RESERVED
+CVE-2011-2186
+	RESERVED
+CVE-2011-2181
+	RESERVED
+CVE-2011-2180
+	RESERVED
+CVE-2011-2177
+	RESERVED
+CVE-2011-2176
+	RESERVED
+CVE-2011-2167 (script-login in Dovecot 2.0.x before 2.0.13 does not follow the chroot ...)
+	TODO: check
+CVE-2011-2166 (script-login in Dovecot 2.0.x before 2.0.13 does not follow the user ...)
+	TODO: check
+CVE-2010-4805 (The socket implementation in net/core/sock.c in the Linux kernel ...)
+	TODO: check
+CVE-2009-5077 (CRE Loaded before 6.2.14 allows remote attackers to bypass ...)
+	TODO: check
+CVE-2009-5076 (CRE Loaded before 6.2.14, and possibly other versions before 6.3.x, ...)
+	TODO: check
+CVE-2011-2477 (Multiple cross-site scripting (XSS) vulnerabilities in config.c in ...)
 	- icinga <undetermined>
 	NOTE: 1.4.1 is said to be fixed
 	- nagios3 <undetermined>
@@ -6,134 +652,150 @@
 CVE-2011-2476 (Cross-site scripting (XSS) vulnerability in Coppermine Photo Gallery ...)
 	NOT-FOR-US: Coppermine Photo Gallery
 CVE-2011-2208 [Alpha-specific issue]
+	RESERVED
 	- linux-2.6 2.6.32-1
 	NOTE: Support for Alpha was dropped with Squeeze, so marking 2.6.32 as fixed
 CVE-2011-2209 [Alpha-specific issue]
+	RESERVED
 	- linux-2.6 2.6.32-1
 CVE-2011-2210 [Alpha-specific issue]
+	RESERVED
 	- linux-2.6 2.6.32-1
 CVE-2011-2211 [Alpha-specific issue]
+	RESERVED
 	- linux-2.6 2.6.32-1
 CVE-2011-2203 [HFS DoS]
+	RESERVED
 	- linux-2.6 <unfixed>
-CVE-2011-2202 (The rfc1867_post_handler function in main/rfc1867.c ...)
+CVE-2011-2202 (The rfc1867_post_handler function in main/rfc1867.c in PHP before ...)
 	- php5 <undetermined>
 	NOTE: probably affected, because fixed upstream in 5.3.7
 CVE-2011-2199 [tftp-hpa buffer overflow]
+	RESERVED
 	- tftp-hpa <unfixed>
 	NOTE: http://git.kernel.org/?p=network/tftp/tftp-hpa.git;a=commitdiff;h=f3035c45bc50bb5cac87ca01e7ef6a12485184f8
 CVE-2011-2198 [vte memory exhaustion]
+	RESERVED
 	- vte 1:0.28.1-1 (low; bug #629688)
 	[lenny] - vte <no-dsa> (Minor issue)
 	[squeeze] - vte <no-dsa> (Minor issue)
 CVE-2011-XXXX [libpam-ssh: pam_ssh not dropping root gid(s)]
-    - libpam-ssh <unfixed> (low)
-    [squeeze] - libpam-ssh <no-dsa> (Minor issue) 
-    [lenny] - libpam-ssh <no-dsa> (Minor issue) 
-    NOTE: https://bugzilla.novell.com/show_bug.cgi?id=665061
-    NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=711170
-    NOTE: CVE request and discussion: http://www.openwall.com/lists/oss-security/2011/06/06/3
+	- libpam-ssh <unfixed> (low)
+	[squeeze] - libpam-ssh <no-dsa> (Minor issue) 
+	[lenny] - libpam-ssh <no-dsa> (Minor issue) 
+	NOTE: https://bugzilla.novell.com/show_bug.cgi?id=665061
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=711170
+	NOTE: CVE request and discussion: http://www.openwall.com/lists/oss-security/2011/06/06/3
 CVE-2011-2185 [fabric insecure temp files]
+	RESERVED
 	- fabric <unfixed> (low; bug #629003)
 	[squeeze] - fabric <no-dsa> (Minor issue)
-CVE-2011-2475
+CVE-2011-2475 (Format string vulnerability in ECTrace.dll in the iMailGateway service ...)
 	NOT-FOR-US: Sybase OneBridge Mobile Data Suite
-CVE-2011-2474
+CVE-2011-2474 (Directory traversal vulnerability in the HTTP Server in Sybase ...)
 	NOT-FOR-US: Sybase EAServer
-CVE-2011-2473
+CVE-2011-2473 (The do_dump_data function in utils/opcontrol in OProfile 0.9.6 and ...)
 	- oprofile <unfixed> (bug #630084)
-CVE-2011-2472
+CVE-2011-2472 (Directory traversal vulnerability in utils/opcontrol in OProfile 0.9.6 ...)
 	- oprofile <unfixed> (bug #630084)
-CVE-2011-2471
+CVE-2011-2471 (utils/opcontrol in OProfile 0.9.6 and earlier might allow local users ...)
 	- oprofile <unfixed> (bug #630084)
-CVE-2011-2468
+CVE-2011-2468 (Directory traversal vulnerability in the web interface in AnyMacro ...)
 	NOT-FOR-US: AnyMacro Mail System G4X
-CVE-2011-2395
+CVE-2011-2395 (The Neighbor Discovery (ND) protocol implementation in Cisco IOS on ...)
 	NOT-FOR-US: Cisco
-CVE-2011-2383
+CVE-2011-2383 (Microsoft Internet Explorer 9 and earlier does not properly restrict ...)
 	NOT-FOR-US: Microsoft
-CVE-2011-2342
+CVE-2011-2342 (The DOM implementation in Google Chrome before 12.0.742.91 allows ...)
 	- chromium-browser 12.0.742.91~r87961-1
 	- webkit <undetermined>
-CVE-2011-2382
+CVE-2011-2382 (Microsoft Internet Explorer 8 and earlier, and Internet Explorer 9 ...)
 	NOT-FOR-US: Microsoft
-CVE-2011-2332
+CVE-2011-2332 (Google V8, as used in Google Chrome before 12.0.742.91, allows remote ...)
 	- chromium-browser 12.0.742.91~r87961-1
 	- libv8 <undetermined>
-CVE-2011-2194  [vlc xspf integer overflow]
+CVE-2011-2194 [vlc xspf integer overflow]
+	RESERVED
+	{DSA-2257-1}
 	- vlc 1.1.10-1
 	[lenny] - vlc <not-affected> (Vulnerable code not present)
 	NOTE: http://repo.or.cz/w/vlc.git/commitdiff/cd929923ff49175a501bb3e9553a683bc42ff61c
 CVE-2011-2190 [cherokee csrf]
+	RESERVED
 	- cherokee <unfixed> (low)
 	[squeeze] - cherokee <no-dsa> (Minor issue)
 	[lenny] - cherokee <no-dsa> (Minor issue)
 	NOTE: http://code.google.com/p/cherokee/issues/detail?id=1212
 CVE-2011-2188 [lua-expat billion laugh mitigation]
+	RESERVED
 	- lua-expat 1.2.0-1 (low; bug #629225)
 	[squeeze] - lua-expat <no-dsa> (Minor issue)
 	[lenny] - lua-expat <no-dsa> (Minor issue)
 CVE-2011-2184 [race condition in KSM]
+	RESERVED
 	- linux-2.6 <unfixed>
 	[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.39)
 	[squeeze] - linux-2.6 <not-affected> (Introduced in 2.6.39)
 CVE-2011-2183 [race condition in KSM]
+	RESERVED
 	- linux-2.6 <unfixed>
 	[lenny] - linux-2.6 <not-affected> (Vulnerable code not present)
 CVE-2011-XXXX [login: tty hijacking possible in "su" via TIOCSTI ioctl]
 	- shadow <unfixed> (bug #628843)
 	NOTE: CVE requested http://www.openwall.com/lists/oss-security/2011/06/02/3
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=173008
-CVE-2011-2331
+CVE-2011-2331 (Integer overflow in img.exe in HP Intelligent Management Center (IMC) ...)
 	NOT-FOR-US: HP Intelligent Management Center (IMC)
-CVE-2011-2330
+CVE-2011-2330 (Tivoli Endpoint in IBM Tivoli Management Framework 3.7.1, 4.1, 4.1.1, ...)
 	NOT-FOR-US: IBM Tivoli Management Framework
-CVE-2011-2328
+CVE-2011-2328 (Buffer overflow in HP LoadRunner allows remote attackers to cause a ...)
 	NOT-FOR-US: HP LoadRunner
-CVE-2011-2215
+CVE-2011-2215 (Unspecified vulnerability in WalRack 1.x before 1.1.8 and 2.x before ...)
 	NOT-FOR-US: WalRack
-CVE-2011-2214
+CVE-2011-2214 (Unspecified vulnerability in the Open Database Connectivity (ODBC) ...)
 	NOT-FOR-US: 7T Interactive Graphical SCADA System
-CVE-2011-2175 (Integer underflow in the visual_read function in wiretap/visual.c ...)
+CVE-2011-2175 (Integer underflow in the visual_read function in wiretap/visual.c in ...)
 	- wireshark 1.6.0-1 (unimportant; bug #630159)
 	NOTE: Crashes w/o code injection not treated as security issues, see README.Security
-CVE-2011-2174 (Double free vulnerability in the tvb_uncompress function in epan/tvbuff.c ...)
+CVE-2011-2174 (Double free vulnerability in the tvb_uncompress function in ...)
 	- wireshark 1.6.0-1 (bug #630159)
-CVE-2011-2173
+CVE-2011-2173 (The implementation of OutputMediator objects in IBM WebSphere Portal ...)
 	NOT-FOR-US: IBM WebSphere Portal
-CVE-2011-2172
+CVE-2011-2172 (Cross-site scripting (XSS) vulnerability in the search center in IBM ...)
 	NOT-FOR-US: IBM WebSphere Portal
-CVE-2011-2171
+CVE-2011-2171 (Unspecified vulnerability in the dbugs package in Google Chrome OS ...)
 	NOT-FOR-US: Google Chrome OS
-CVE-2011-2170
+CVE-2011-2170 (Google Chrome OS before R12 0.12.433.38 Beta, when Guest mode is ...)
 	NOT-FOR-US: Google Chrome OS
-CVE-2011-2169
+CVE-2011-2169 (Google Chrome OS before R12 0.12.433.38 Beta allows local users to ...)
 	NOT-FOR-US: Google Chrome OS
-CVE-2011-2168
+CVE-2011-2168 (Multiple integer overflows in the glob implementation in libc in ...)
 	NOT-FOR-US: OpenBSD
-CVE-2011-2165
+CVE-2011-2165 (The STARTTLS implementation in WatchGuard XCS 9.0 and 9.1 does not ...)
 	NOT-FOR-US: WatchGuard XCS
-CVE-2010-4807
+CVE-2010-4807 (Race condition in IBM Web Content Manager (WCM) 7.0.0.1 before CF003 ...)
 	NOT-FOR-US: IBM Web Content Manager
-CVE-2010-4806
+CVE-2010-4806 (The authoring tool in IBM Web Content Manager (WCM) 6.1.5, and 7.0.0.1 ...)
 	NOT-FOR-US: IBM Web Content Manager
 CVE-2011-2182 [incomplete fix for cve-2011-1017]
+	RESERVED
 	- linux-2.6 <unfixed>
-CVE-2011-2179 [nagios XSS]
+CVE-2011-2179 (Multiple cross-site scripting (XSS) vulnerabilities in config.c in ...)
 	- nagios3 3.2.3-3 (bug #629127)
- 	[lenny] - nagios3 <not-affected> (Affected feature got introduced in 3.2.2)
- 	[squeeze] - nagios3 <not-affected> (Affected feature got introduced in 3.2.2)
+	[lenny] - nagios3 <not-affected> (Affected feature got introduced in 3.2.2)
+	[squeeze] - nagios3 <not-affected> (Affected feature got introduced in 3.2.2)
 	- icinga 1.4.1-1 (bug #629131)
 	[squeeze] - icinga <not-affected> (Affected feature got introduced in 1.3.1)
 	[lenny] - icinga <not-affected> (Affected feature got introduced in 1.3.1)
 	NOTE: http://tracker.nagios.org/view.php?id=224
 CVE-2011-2178 [libvirt regression]
+	RESERVED
 	- libvirt 0.9.1-2 (bug #629128)
 	[squeeze] - libvirt <not-affected> (Introduced in 0.8.8)
 	[lenny] - libvirt <not-affected> (Introduced in 0.8.8)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=709769
 	NOTE: https://www.redhat.com/archives/libvir-list/2011-May/msg01935.html
-CVE-2011-2216 [AST 2011-007]
+CVE-2011-2216 (reqresp_parser.c in the SIP channel driver in Asterisk Open Source ...)
 	- asterisk 1:1.8.4.2-1 (bug #629130)
 	[lenny] - asterisk <not-affected> (Only affects 1.8)
 	[squeeze] - asterisk <not-affected> (Only affects 1.8)
@@ -185,10 +847,10 @@
 	NOT-FOR-US: SmarterStats
 CVE-2011-2147 (Openswan 2.2.x does not properly restrict permissions for (1) ...)
 	- openswan <unfixed>  (bug #628449)
-CVE-2011-2146
-	RESERVED
-CVE-2011-2145
-	RESERVED
+CVE-2011-2146 (mount.vmhgfs in the VMware Host Guest File System (HGFS) in VMware ...)
+	TODO: check
+CVE-2011-2145 (mount.vmhgfs in the VMware Host Guest File System (HGFS) in VMware ...)
+	TODO: check
 CVE-2009-5075 (Monkey's Audio before 4.02 allows remote attackers to cause a denial ...)
 	NOT-FOR-US: Monkey's Audio
 CVE-2006-7245 (Monkey's Audio before 4.01b2 allows remote attackers to cause a denial ...)
@@ -263,81 +925,81 @@
 	RESERVED
 CVE-2011-2129
 	RESERVED
-CVE-2011-2128 (... allows attackers to execute arbitrary code or cause a denial ...)
+CVE-2011-2128 (Adobe Shockwave Player before 11.6.0.626 allows attackers to execute ...)
 	NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-2127 (... allows attackers to execute arbitrary code or cause a denial ...)
+CVE-2011-2127 (Adobe Shockwave Player before 11.6.0.626 allows attackers to execute ...)
 	NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-2126 (... allows attackers to execute arbitrary code via unspecified vectors.)
+CVE-2011-2126 (Buffer overflow in Adobe Shockwave Player before 11.6.0.626 allows ...)
 	NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-2125 (Buffer overflow in Dirapix.dll ...)
+CVE-2011-2125 (Buffer overflow in Dirapix.dll in Adobe Shockwave Player before ...)
 	NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-2124 (... attackers to execute arbitrary code or cause a denial of service ...)
+CVE-2011-2124 (Adobe Shockwave Player before 11.6.0.626 allows attackers to execute ...)
 	NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-2123 (Integer overflow in the Shockwave 3D Asset x32 component ...)
+CVE-2011-2123 (Integer overflow in the Shockwave 3D Asset x32 component in Adobe ...)
 	NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-2122 (Dirapi.dll ... allows attackers to execute arbitrary code or cause a denial of service ...)
+CVE-2011-2122 (Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows ...)
 	NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-2121 (Integer overflow ...)
+CVE-2011-2121 (Integer overflow in Adobe Shockwave Player before 11.6.0.626 allows ...)
 	NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-2120 (Integer overflow in the CursorAsset x32 component ...)
+CVE-2011-2120 (Integer overflow in the CursorAsset x32 component in Adobe Shockwave ...)
 	NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-2119 (Dirapi.dll ... allows attackers to execute arbitrary code or cause a denial of service ...)
+CVE-2011-2119 (Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows ...)
 	NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-2118 (The FLV ASSET Xtra component ... allows attackers to execute arbitrary code ...)
+CVE-2011-2118 (The FLV ASSET Xtra component in Adobe Shockwave Player before ...)
 	NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-2117 (... allows attackers to execute arbitrary code or cause a denial of service ...)
+CVE-2011-2117 (Adobe Shockwave Player before 11.6.0.626 allows attackers to execute ...)
 	NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-2116 (IML32.dll ... allows attackers to execute arbitrary code or cause a denial of service ...)
+CVE-2011-2116 (IML32.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers ...)
 	NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-2115 (IML32.dll ... allows attackers to execute arbitrary code or cause a denial of service ...)
+CVE-2011-2115 (IML32.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers ...)
 	NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-2114 (... allows attackers to execute arbitrary code or cause a denial of service ...)
+CVE-2011-2114 (Adobe Shockwave Player before 11.6.0.626 allows attackers to execute ...)
 	NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-2113 (Multiple buffer overflows in the Shockwave3DAsset component ...)
+CVE-2011-2113 (Multiple buffer overflows in the Shockwave3DAsset component in Adobe ...)
 	NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-2112 (Multiple buffer overflows in IML32.dll ...)
+CVE-2011-2112 (Multiple buffer overflows in IML32.dll in Adobe Shockwave Player ...)
 	NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-2111 (IML32.dll ... allows attackers to execute arbitrary code or cause a denial of service ...)
+CVE-2011-2111 (IML32.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers ...)
 	NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-2110 (... allows remote attackers to execute arbitrary code or cause a denial of service ...)
+CVE-2011-2110 (Adobe Flash Player before 10.3.181.26 on Windows, Mac OS X, Linux, and ...)
 	NOT-FOR-US: Adobe Flash Player
-CVE-2011-2109 (Multiple integer overflows in Dirapi.dll ...)
+CVE-2011-2109 (Multiple integer overflows in Dirapi.dll in Adobe Shockwave Player ...)
 	NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-2108 (... allows attackers to execute arbitrary code via unspecified vectors ...)
+CVE-2011-2108 (Adobe Shockwave Player before 11.6.0.626 allows attackers to execute ...)
 	NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-2107 (Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 10.3.181.22 ...)
+CVE-2011-2107 (Cross-site scripting (XSS) vulnerability in Adobe Flash Player before ...)
 	NOT-FOR-US: Adobe Flash Player
-CVE-2011-2106 (... allow attackers to execute arbitrary code or cause a denial of service ...)
+CVE-2011-2106 (Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x ...)
 	NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2105 (... allow attackers to execute arbitrary code or cause a denial of service ...)
+CVE-2011-2105 (Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x ...)
 	NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2104 (... allow attackers to execute arbitrary code or cause a denial of service ...)
+CVE-2011-2104 (Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x ...)
 	NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2103 (... allow attackers to execute arbitrary code or cause a denial of service ...)
+CVE-2011-2103 (Adobe Reader and Acrobat 8.x before 8.3 on Windows and Mac OS X allow ...)
 	NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2102 (... allows attackers to bypass intended access restrictions ...)
+CVE-2011-2102 (Unspecified vulnerability in Adobe Reader and Acrobat before 10.1 on ...)
 	NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2101 (... do not properly restrict script ...)
+CVE-2011-2101 (Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x ...)
 	NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2100 (Untrusted search path vulnerability ...)
+CVE-2011-2100 (Untrusted search path vulnerability in Adobe Reader and Acrobat 8.x ...)
 	NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2099 (... allow attackers to execute arbitrary code or cause a denial of service ...)
+CVE-2011-2099 (Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x ...)
 	NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2098 (... allow attackers to execute arbitrary code or cause a denial of service ...)
+CVE-2011-2098 (Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x ...)
 	NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2097 (Buffer overflow ...)
+CVE-2011-2097 (Buffer overflow in Adobe Reader and Acrobat 8.x before 8.3, 9.x before ...)
 	NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2096 (Heap-based buffer overflow ...)
+CVE-2011-2096 (Heap-based buffer overflow in Adobe Reader and Acrobat 8.x before 8.3, ...)
 	NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2095 (Buffer overflow ...)
+CVE-2011-2095 (Buffer overflow in Adobe Reader and Acrobat 8.x before 8.3, 9.x before ...)
 	NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2094 (Buffer overflow ...)
+CVE-2011-2094 (Buffer overflow in Adobe Reader and Acrobat 8.x before 8.3, 9.x before ...)
 	NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2093 (... do not properly handle object graphs ...)
+CVE-2011-2093 (Adobe LiveCycle Data Services 3.1 and earlier, LiveCycle 9.0.0.2 and ...)
 	NOT-FOR-US: Adobe LiveCycle Data Services
-CVE-2011-2092 (... do not properly restrict creation of classes ...)
+CVE-2011-2092 (Adobe LiveCycle Data Services 3.1 and earlier, LiveCycle 9.0.0.2 and ...)
 	NOT-FOR-US: Adobe LiveCycle Data Services
-CVE-2011-2091 (... allows remote attackers to cause a denial of service ...)
+CVE-2011-2091 (Unspecified vulnerability in Adobe ColdFusion 8.0, 8.0.1, 9.0, and ...)
 	NOT-FOR-US: Adobe ColdFusion
 CVE-2011-2090
 	RESERVED
@@ -438,11 +1100,11 @@
 	RESERVED
 CVE-2011-2042
 	RESERVED
-CVE-2011-2041
+CVE-2011-2041 (The Start Before Logon (SBL) functionality in Cisco AnyConnect Secure ...)
 	NOT-FOR-US: Cisco
-CVE-2011-2040
+CVE-2011-2040 (The helper application in Cisco AnyConnect Secure Mobility Client ...)
 	NOT-FOR-US: Cisco
-CVE-2011-2039
+CVE-2011-2039 (The helper application in Cisco AnyConnect Secure Mobility Client ...)
 	NOT-FOR-US: Cisco
 CVE-2011-2038
 	RESERVED
@@ -472,11 +1134,12 @@
 	RESERVED
 CVE-2011-2025
 	RESERVED
-CVE-2011-2024
+CVE-2011-2024 (Cisco Network Registrar before 7.2 has a default administrative ...)
 	NOT-FOR-US: Cisco
 CVE-2011-2023
 	RESERVED
 CVE-2011-2022 (The agp_generic_remove_memory function in drivers/char/agp/generic.c ...)
+	{DSA-2264-1 DSA-2240-1}
 	- linux-2.6 2.6.38-5
 CVE-2011-2021 (Session fixation vulnerability in TIBCO iProcess Engine before 11.1.3 ...)
 	NOT-FOR-US: TIBCO iProcess Engine
@@ -602,67 +1265,64 @@
 	RESERVED
 CVE-2011-1960
 	RESERVED
-CVE-2011-1959 (The snoop_read function in wiretap/snoop.c ... does not properly handle certain virtualizable buffers ...)
+CVE-2011-1959 (The snoop_read function in wiretap/snoop.c in Wireshark 1.2.x before ...)
 	- wireshark 1.6.0-1 (unimportant; bug #630159)
 	NOTE: Crashes w/o code injection not treated as security issues, see README.Security
-CVE-2011-1958
-	RESERVED
-CVE-2011-1957
-	RESERVED
-CVE-2011-1956
-	RESERVED
+CVE-2011-1958 (Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows ...)
+	TODO: check
+CVE-2011-1957 (The dissect_dcm_main function in epan/dissectors/packet-dcm.c in the ...)
+	TODO: check
+CVE-2011-1956 (The bytes_repr_len function in Wireshark 1.4.5 uses an incorrect ...)
+	TODO: check
 CVE-2011-1955
 	RESERVED
-CVE-2011-1954
-	RESERVED
-CVE-2011-1953
-	RESERVED
-CVE-2011-1952
-	RESERVED
+CVE-2011-1954 (Multiple cross-site request forgery (CSRF) vulnerabilities in Post ...)
+	TODO: check
+CVE-2011-1953 (Multiple cross-site scripting (XSS) vulnerabilities in common.php in ...)
+	TODO: check
+CVE-2011-1952 (common.php in Post Revolution before 0.8.0c-2 allows remote attackers ...)
+	TODO: check
 CVE-2011-1951
 	RESERVED
 	- syslog-ng 3.2.4-1 (low)
 	[squeeze] - syslog-ng <not-affected> (Only affects PCRE >= 8.12)
 	[lenny] - syslog-ng <not-affected> (Only affects PCRE >= 8.12)
 	NOTE: http://git.balabit.hu/?p=bazsi/syslog-ng-3.2.git;a=commit;h=09710c0b105e579d35c7b5f6c66d1ea5e3a3d3ff
-CVE-2011-1950
-	RESERVED
-CVE-2011-1949
-	RESERVED
-CVE-2011-1948
-	RESERVED
-CVE-2011-1947
-	RESERVED
+CVE-2011-1950 (plone.app.users in Plone 4.0 and 4.1 allows remote authenticated users ...)
+	TODO: check
+CVE-2011-1949 (Cross-site scripting (XSS) vulnerability in the safe_html filter in ...)
+	TODO: check
+CVE-2011-1948 (Cross-site scripting (XSS) vulnerability in Plone 4.1 and earlier ...)
+	TODO: check
+CVE-2011-1947 (fetchmail 5.9.9 through 6.3.19 does not properly limit the wait time ...)
 	- fetchmail <unfixed> (unimportant)
 	NOTE: http://gitorious.org/fetchmail/fetchmail/blobs/legacy_63/fetchmail-SA-2011-01.txt
 CVE-2011-1946
 	RESERVED
-CVE-2011-1945
-	RESERVED
+CVE-2011-1945 (The elliptic curve cryptography (ECC) subsystem in OpenSSL 1.0.0d and ...)
 	- openssl <unfixed> (low)
 CVE-2011-1944
 	RESERVED
-CVE-2011-1943 [network-manager-openvpn Password to unlock certificate is logged]
-	RESERVED
+CVE-2011-1943 (The destroy_one_secret function in nm-setting-vpn.c in libnm-util in ...)
 	- network-manager-openvpn <not-affected> (Affected code was only in experimental, see bug #628730)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=708876
 CVE-2011-1942
 	RESERVED
 CVE-2011-1941 [phpMyAdmin PMASA-2011-4 insecure redirect]
+	RESERVED
 	- phpmyadmin 4:3.4.1-1
 	[lenny] - phpmyadmin <not-affected> (3.4.x only)
 	[squeeze] - phpmyadmin <not-affected> (3.4.x only)
+CVE-2011-1940 [phpMyAdmin PMASA-2011-3 xss on tracking]
 	RESERVED
-CVE-2011-1940 [phpMyAdmin PMASA-2011-3 xss on tracking]
 	- phpmyadmin 4:3.4.1-1
 	[lenny] - phpmyadmin <not-affected> (3.3.x+ only)
 	[squeeze] - phpmyadmin <no-dsa> (may be bundled with future issues)
-	RESERVED
 CVE-2011-1939
 	RESERVED
-CVE-2011-1938
-	RESERVED
-CVE-2011-1937
+CVE-2011-1938 (Stack-based buffer overflow in the socket_connect function in ...)
+	TODO: check
+CVE-2011-1937 (Cross-site scripting (XSS) vulnerability in Webmin 1.540 and earlier ...)
 	NOT-FOR-US: Webmin
 CVE-2011-1936
 	RESERVED
@@ -694,13 +1354,12 @@
 	- klibc 1.5.22-1 (low)
 	[squeeze] - klibc <no-dsa> (Minor issue)
 	[lenny] - klibc <no-dsa> (Minor issue)
-CVE-2011-1929
-	RESERVED
+CVE-2011-1929 (lib-mail/message-header-parser.c in Dovecot 1.2.x before 1.2.17 and ...)
+	{DSA-2252-1}
 	- dovecot 1:2.0.13-1 (bug #627443)
 	NOTE: [lenny] - dovecot <not-affected> (Vulnerability introduced in 1.1)
 	NOTE: <e15277de7326d4d7f8b560cd853e1a12 at muenster.org> claims lenny is affected
-CVE-2011-1928
-	RESERVED
+CVE-2011-1928 (The fnmatch implementation in apr_fnmatch.c in the Apache Portable ...)
 	{DSA-2237-2}
 	- apr 1.4.5-1 (bug #627182)
 CVE-2011-1927 [kernel remote DoS]
@@ -708,34 +1367,31 @@
 	- linux-2.6 <unfixed> (high)
 	[squeeze] - linux-2.6 <not-affected> (Vulnerable code not present)
 	[lenny] - linux-2.6 <not-affected> (Vulnerable code not present)
-CVE-2011-1926 [cyrus STARTTLS]
-	RESERVED
+CVE-2011-1926 (The STARTTLS implementation in Cyrus IMAP Server before 2.4.7 does not ...)
+	{DSA-2258-1 DSA-2242-1}
 	- cyrus-imapd-2.2 2.2.13p1-11 (bug #627081)
 	- cyrus-imapd-2.4 2.4.7-1
 	- kolab-cyrus-imapd 2.2.13p1-0.1 (bug #629350)
-CVE-2011-1925
-	RESERVED
+CVE-2011-1925 (nbd-server.c in Network Block Device (nbd-server) 2.9.21 allows remote ...)
 	- nbd 1:2.9.22-1 (bug #627042)
 	[wheezy] - nbd <not-affected>
 	[squeeze] - nbd <not-affected>
 	[lenny] - nbd <not-affected>
-CVE-2011-1924
-	RESERVED
+CVE-2011-1924 (Buffer overflow in the policy_summarize function in or/policies.c in ...)
 	- tor 0.2.1.30-1
 	[squeeze] - tor <no-dsa> (Only affects the central Tor directory servers)
 	[lenny] - tor <no-dsa> (Only affects the central Tor directory servers)
 CVE-2011-1923 [polarssl MITM]
 	RESERVED
 	- polarssl <unfixed> (bug #616114)
-CVE-2011-1922 [Unbound empty error packet handling assertion failure]
-	RESERVED
+CVE-2011-1922 (daemon/worker.c in Unbound 1.x before 1.4.10, when debugging ...)
 	- unbound 1.4.10-1 (unimportant)
 	NOTE: http://unbound.nlnetlabs.nl/downloads/CVE-2011-1922.txt
 	NOTE: asserts not enabled in Debian build
-CVE-2011-1921 [subversion information disclosure]
-	RESERVED
+CVE-2011-1921 (The mod_dav_svn module for the Apache HTTP Server, as distributed in ...)
+	{DSA-2251-1}
 	- subversion 1.6.17dfsg-1
-CVE-2011-1920 [pmake insecure tempfile]
+CVE-2011-1920 (The make include files in NetBSD before 1.6.2, as used in pmake 1.111 ...)
 	- pmake 1.111-3 (low; bug #626673)
 	[squeeze] - pmake <no-dsa> (Minor issue)
 	[lenny] - pmake <no-dsa> (Minor issue)
@@ -757,8 +1413,8 @@
 	RESERVED
 CVE-2011-1911
 	RESERVED
-CVE-2011-1910 [bind9 crash when receiving large RRSIG RRsets]
-	RESERVED
+CVE-2011-1910 (Off-by-one error in named in ISC BIND 9.x before 9.7.3-P1, 9.8.x ...)
+	{DSA-2244-1}
 	- bind9 <unfixed> (high)
 	NOTE: https://lists.isc.org/pipermail/bind-users/2011-May/083819.html
 CVE-2011-1909
@@ -789,7 +1445,7 @@
 	RESERVED
 CVE-2011-1895
 	RESERVED
-CVE-2011-1894 (The MHTML protocol handler ... does not properly handle a MIME format ...)
+CVE-2011-1894 (The MHTML protocol handler in Microsoft Windows XP SP2 and SP3, ...)
 	NOT-FOR-US: Microsoft Windows
 CVE-2011-1893
 	RESERVED
@@ -799,7 +1455,7 @@
 	RESERVED
 CVE-2011-1890
 	RESERVED
-CVE-2011-1889 (The NSPLookupServiceNext function ... allows remote attackers to execute arbitrary code ...)
+CVE-2011-1889 (The NSPLookupServiceNext function in the client in Microsoft Forefront ...)
 	NOT-FOR-US: Microsoft Forefront Threat Management Gateway
 CVE-2011-1888
 	RESERVED
@@ -831,19 +1487,19 @@
 	RESERVED
 CVE-2011-1874
 	RESERVED
-CVE-2011-1873 (win32k.sys in the kernel-mode drivers ... does not properly validate pointers during ...)
+CVE-2011-1873 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2, ...)
 	NOT-FOR-US: Microsoft Windows
-CVE-2011-1872 (Hyper-V ... allows guest OS users to cause a denial of service ...)
+CVE-2011-1872 (Hyper-V in Microsoft Windows Server 2008 Gold, SP2, R2, and R2 SP1 ...)
 	NOT-FOR-US: Microsoft Windows
 CVE-2011-1871
 	RESERVED
 CVE-2011-1870
 	RESERVED
-CVE-2011-1869 (The Distributed File System (DFS) implementation ... allows remote DFS servers to cause a denial of service ...)
+CVE-2011-1869 (The Distributed File System (DFS) implementation in Microsoft Windows ...)
 	NOT-FOR-US: Microsoft Windows
-CVE-2011-1868 (The Distributed File System (DFS) implementation ... does not properly validate fields in DFS responses ...)
+CVE-2011-1868 (The Distributed File System (DFS) implementation in Microsoft Windows ...)
 	NOT-FOR-US: Microsoft Windows
-CVE-2010-4804
+CVE-2010-4804 (The Android browser in Android before 2.3.4 allows remote attackers to ...)
 	NOT-FOR-US: Android Browser
 CVE-2011-XXXX
 	- libmodplug <unfixed> (low; bug #625966)
@@ -857,12 +1513,10 @@
 CVE-2011-1907 (ISC BIND 9.8.x before 9.8.0-P1, when Response Policy Zones (RPZ) RRset ...)
 	- bind9 <not-affected> (Only affects 9.8.0, never uploaded to the archive)
 	NOTE: https://www.isc.org/CVE-2011-1907
-CVE-2011-1765 [IE6 XSS protection was incomplete]
-	RESERVED
+CVE-2011-1765 (Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.5, ...)
 	- mediawiki <not-affected> (Incomplete fix was never released for Debian, neither in sid, nor oldstable/stable)
 	NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=28534
-CVE-2011-1766 [$wgBlockDisablesLogin insufficient]
-	RESERVED
+CVE-2011-1766 (includes/User.php in MediaWiki before 1.16.5, when ...)
 	- mediawiki <unfixed> 
 	[lenny] - mediawiki <not-affected> (Vulnerable code not present, introduced in 1.16.0)
 	[squeeze] - mediawiki <not-affected> (Vulnerable code not present, introduced in 1.16.0)
@@ -873,21 +1527,21 @@
 	RESERVED
 CVE-2011-1865
 	RESERVED
-CVE-2011-1864 (Unspecified vulnerability in HP OpenView Storage Data Protector ... )
+CVE-2011-1864 (Unspecified vulnerability in HP OpenView Storage Data Protector 6.0, ...)
 	NOT-FOR-US: HP OpenView Storage Data Protector
-CVE-2011-1863 (HP Service Manager ... unspecified script injection ...)
+CVE-2011-1863 (HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Service Center 6.2.8 ...)
 	NOT-FOR-US: HP Service Manager
-CVE-2011-1862 (Cross-site scripting (XSS) vulnerability in HP Service Manager ...)
+CVE-2011-1862 (Cross-site scripting (XSS) vulnerability in HP Service Manager 7.02, ...)
 	NOT-FOR-US: HP Service Manager
-CVE-2011-1861 (Unspecified vulnerability in HP Service Manager ...)
+CVE-2011-1861 (Unspecified vulnerability in HP Service Manager 7.02, 7.11, 9.20, and ...)
 	NOT-FOR-US: HP Service Manager
-CVE-2011-1860 (Unspecified vulnerability in HP Service Manager ...)
+CVE-2011-1860 (Unspecified vulnerability in HP Service Manager 7.02, 7.11, 9.20, and ...)
 	NOT-FOR-US: HP Service Manager
-CVE-2011-1859 (Unspecified vulnerability in HP Service Manager ...)
+CVE-2011-1859 (Unspecified vulnerability in HP Service Manager 7.02, 7.11, 9.20, and ...)
 	NOT-FOR-US: HP Service Manager
-CVE-2011-1858 (Unspecified vulnerability in HP Service Manager ...)
+CVE-2011-1858 (Unspecified vulnerability in HP Service Manager 7.02, 7.11, 9.20, and ...)
 	NOT-FOR-US: HP Service Manager
-CVE-2011-1857 (Unspecified vulnerability in HP Service Manager ...)
+CVE-2011-1857 (Unspecified vulnerability in HP Service Manager 7.02, 7.11, 9.20, and ...)
 	NOT-FOR-US: HP Service Manager
 CVE-2011-1856 (Cross-site scripting (XSS) vulnerability in HP Business Availability ...)
 	NOT-FOR-US: HP Business Availability
@@ -920,6 +1574,7 @@
 CVE-2011-1842 (dbus_backend/lsd.py in the D-Bus backend in language-selector before ...)
 	NOT-FOR-US: Ubuntu-specific language-selector package
 CVE-2011-1841 (Cross-site scripting (XSS) vulnerability in the link_to helper in ...)
+	{DSA-2239-1}
 	- libmojolicious-perl 1.12-1
 CVE-2011-1840 (The MartiniCreations PassmanLite Password Manager application before ...)
 	NOT-FOR-US: MartiniCreations PassmanLite Password Manager for Android
@@ -948,8 +1603,10 @@
 CVE-2011-1828 (usb-creator-helper in usb-creator before 0.2.28.3 does not enforce ...)
 	NOT-FOR-US: usb-creator, Ubuntu-specific package
 CVE-2010-4803 (Mojolicious before 0.999927 does not properly implement HMAC-MD5 ...)
+	{DSA-2239-1}
 	- libmojolicious-perl 0.999929-1
 CVE-2010-4802 (Commands.pm in Mojolicious before 0.999928 does not properly perform ...)
+	{DSA-2239-1}
 	- libmojolicious-perl 0.999929-1
 CVE-2009-5074 (Unspecified vulnerability in the MojoX::Dispatcher::Static ...)
 	- libmojolicious-perl <not-affected> (Fixed before initial upload)
@@ -988,7 +1645,7 @@
 	NOT-FOR-US: CA Arcot WebFort Versatile Authentication Server
 CVE-2011-1824 (The VEGAOpBitmap::AddLine function in Opera before 10.61 does not ...)
 	NOT-FOR-US: Opera
-CVE-2011-1823
+CVE-2011-1823 (The vold volume manager daemon on Android 3.0 and 2.x before 2.3.4 ...)
 	NOT-FOR-US: Android
 CVE-2011-1822 (The LDAP_ADD implementation in IBM Tivoli Directory Server (TDS) 5.2 ...)
 	NOT-FOR-US: Tivoli
@@ -996,69 +1653,66 @@
 	NOT-FOR-US: Tivoli
 CVE-2011-1820 (IBM Tivoli Directory Server (TDS) 5.2 before 5.2.0.5-TIV-ITDS-IF0010, ...)
 	NOT-FOR-US: Tivoli
-CVE-2011-1819
+CVE-2011-1819 (Google Chrome before 12.0.742.91 allows remote attackers to perform ...)
 	- chromium-browser 12.0.742.91~r87961-1 (unimportant)
 	- webkit <not-affected> (chromium extensions)
-CVE-2011-1818
+CVE-2011-1818 (Use-after-free vulnerability in the image loader in Google Chrome ...)
 	- chromium-browser 12.0.742.91~r87961-1
 	[squeeze] - chromium-browser <not-affected>
 	- webkit <undetermined>
 	NOTE: http://trac.webkit.org/changeset/86725
-CVE-2011-1817
+CVE-2011-1817 (Google Chrome before 12.0.742.91 does not properly implement history ...)
 	- chromium-browser 12.0.742.91~r87961-1
 	[squeeze] - chromium-browser <not-affected>
 	- webkit <not-affected> (chromium specific)
-CVE-2011-1816
+CVE-2011-1816 (Use-after-free vulnerability in the developer tools in Google Chrome ...)
 	- chromium-browser 12.0.742.91~r87961-1
 	[squeeze] - chromium-browser <not-affected>
 	- webkit <undetermined>
 	NOTE: http://trac.webkit.org/changeset/86507
-CVE-2011-1815
+CVE-2011-1815 (Google Chrome before 12.0.742.91 allows remote attackers to inject ...)
 	- chromium-browser 12.0.742.91~r87961-1 (unimportant)
 	- webkit <not-affected> (chromium extensions specific)
-CVE-2011-1814
+CVE-2011-1814 (Google Chrome before 12.0.742.91 attempts to read data from an ...)
 	- chromium-browser <not-affected> (chromium pdiflugin)
 	- webkit <not-affected> (chromium pdf plugin)
-CVE-2011-1813
+CVE-2011-1813 (Google Chrome before 12.0.742.91 does not properly implement the ...)
 	- chromium-browser 12.0.742.91~r87961-1
 	[squeeze] - chromium-browser <not-affected>
 	- webkit <not-affected> (chromium specific)
-CVE-2011-1812
+CVE-2011-1812 (Google Chrome before 12.0.742.91 allows remote attackers to bypass ...)
 	- chromium-browser 12.0.742.91~r87961-1 (unimportant)
 	- webkit <not-affected> (chromium extensions)
-CVE-2011-1811
+CVE-2011-1811 (Google Chrome before 12.0.742.91 does not properly handle a large ...)
 	- chromium-browser 12.0.742.91~r87961-1
 	[squeeze] - chromium-browser <no-dsa> (minor issue)
 	- webkit <not-affected> (chromium specific)
-CVE-2011-1810
+CVE-2011-1810 (The Cascading Style Sheets (CSS) implementation in Google Chrome ...)
 	- chromium-browser 12.0.742.91~r87961-1
 	[squeeze] - chromium-browser <no-dsa> (minor issue)
 	- webkit <undetermined>
 	NOTE: http://trac.webkit.org/changeset/83345
-CVE-2011-1809
+CVE-2011-1809 (Use-after-free vulnerability in the accessibility feature in Google ...)
 	- chromium-browser 12.0.742.91~r87961-1
 	[squeeze] - chromium-browser <not-affected>
 	- webkit <undetermined>
 	NOTE: http://trac.webkit.org/changeset/80890
-CVE-2011-1808
+CVE-2011-1808 (Use-after-free vulnerability in Google Chrome before 12.0.742.91 ...)
 	- chromium-browser 12.0.742.91~r87961-1
 	[squeeze] - chromium-browser <not-affected>
 	- webkit <undetermined>
 	NOTE: http://trac.webkit.org/changeset/84096 http://trac.webkit.org/changeset/84098 http://trac.webkit.org/changeset/84119
-CVE-2011-1807
-	RESERVED
+CVE-2011-1807 (Google Chrome before 11.0.696.71 does not properly handle blobs, which ...)
 	- chromium-browser 11.0.696.71~r86024-1
 	[squeeze] - chromium-browser <not-affected>
 	- webkit <not-affected> (chromium specific)
-CVE-2011-1806
-	RESERVED
+CVE-2011-1806 (Google Chrome before 11.0.696.71 does not properly implement the GPU ...)
 	- chromium-browser 11.0.696.71~r86024-1
 	[squeeze] - chromium-browser <not-affected>
 	- webkit <not-affected> (chromium specific)
 CVE-2011-1805
 	RESERVED
-CVE-2011-1804
-	RESERVED
+CVE-2011-1804 (rendering/RenderBox.cpp in WebCore in WebKit before r86862, as used in ...)
 	- chromium-browser 11.0.696.71~r86024-1
 	[squeeze] - chromium-browser <not-affected>
 	- webkit <undetermined>
@@ -1067,8 +1721,7 @@
 	RESERVED
 CVE-2011-1802
 	RESERVED
-CVE-2011-1801
-	RESERVED
+CVE-2011-1801 (Unspecified vulnerability in Google Chrome before 11.0.696.71 allows ...)
 	- webkit <undetermined>
 	- chromium-browser 11.0.696.71~r86024-1 (unimportant)
 	NOTE: http://trac.webkit.org/changeset/85977
@@ -1078,6 +1731,7 @@
 	- webkit <undetermined>
 	NOTE: http://trac.webkit.org/changeset/85926
 CVE-2011-1799 (Google Chrome before 11.0.696.68 does not properly perform casts of ...)
+	{DSA-2245-1}
 	- chromium-browser 11.0.696.68~r84545-1
 	- webkit <undetermined>
 CVE-2011-1798
@@ -1088,6 +1742,7 @@
 	NOTE: http://trac.webkit.org/changeset/84085
 CVE-2011-1797
 	RESERVED
+	{DSA-2245-1}
 CVE-2011-1796
 	RESERVED
 	- chromium-browser 11.0.696.65~r84435-1
@@ -1148,16 +1803,16 @@
 	NOT-FOR-US: vSphere
 CVE-2011-1788 (vCenter Server in VMware vCenter 4.0 before Update 3 and 4.1 before ...)
 	NOT-FOR-US: vCenter
-CVE-2011-1787
-	RESERVED
+CVE-2011-1787 (Race condition in mount.vmhgfs in the VMware Host Guest File System ...)
+	TODO: check
 CVE-2011-1786 (lsassd in Likewise Open /Enterprise 5.3 before build 7845, Open 6.0 ...)
 	NOT-FOR-US: Likewise
 CVE-2011-1785 (VMware ESXi 4.0 and 4.1 and ESX 4.0 and 4.1 allow remote attackers to ...)
 	NOT-FOR-US: VMware
 CVE-2011-1784 (The pidfile_write function in core/pidfile.c in keepalived 1.2.2 and ...)
 	- keepalived <unfixed>
-CVE-2011-1783 [subversion memory exhaustion]
-	RESERVED
+CVE-2011-1783 (The mod_dav_svn module for the Apache HTTP Server, as distributed in ...)
+	{DSA-2251-1}
 	- subversion 1.6.17dfsg-1
 CVE-2011-1782
 	RESERVED
@@ -1178,9 +1833,10 @@
 	RESERVED
 CVE-2011-1776
 	RESERVED
+	{DSA-2264-1 DSA-2240-1}
 	- linux-2.6 <unfixed> (low)
-CVE-2011-1775
-	RESERVED
+CVE-2011-1775 (The CSecurityTLS::processMsg function in common/rfb/CSecurityTLS.cxx ...)
+	TODO: check
 CVE-2011-1774
 	RESERVED
 	- xmlsec1 1.2.14-1.1
@@ -1195,6 +1851,7 @@
 	RESERVED
 CVE-2011-1770
 	RESERVED
+	{DSA-2240-1}
 	- linux-2.6 2.6.39-1
 	[squeeze] - linux-2.6 2.6.32-34squeeze1
 	[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.29 with commit e77b8363b2ea7c0d89919547c1a8b0562f298b57)
@@ -1207,6 +1864,7 @@
 	RESERVED
 CVE-2011-1767
 	RESERVED
+	{DSA-2264-1 DSA-2240-1}
 	- linux-2.6 2.6.34-1
 	[squeeze] - linux-2.6 2.6.32-34squeeze1
 CVE-2011-1764 [DKIM format string issue in exim4]
@@ -1220,14 +1878,14 @@
 	RESERVED
 CVE-2011-1761
 	RESERVED
-CVE-2011-1760 [Arbitrary command execution via sudo opcontrol]
-	RESERVED
+CVE-2011-1760 (utils/opcontrol in OProfile 0.9.6 and earlier might allow local users ...)
+	{DSA-2254-1}
 	- oprofile 0.9.6-1.2 (medium; bug #624212)
 CVE-2011-1759
 	RESERVED
+	{DSA-2264-1 DSA-2240-1}
 	- linux-2.6 <unfixed>
-CVE-2011-1758 [sssd: flaw handled cached passwords]
-	RESERVED
+CVE-2011-1758 (The krb5_save_ccname_done function in providers/krb5/krb5_auth.c in ...)
 	- sssd <not-affected> (Only affects version 1.5+)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=700867
 	NOTE: http://git.fedorahosted.org/git/?p=sssd.git;a=commitdiff;h=fffdae81651b460f3d2c119c56d5caa09b4de42a
@@ -1235,21 +1893,25 @@
 	RESERVED
 CVE-2011-1756 [citadel-server billion laughs]
 	RESERVED
+	{DSA-2250-1}
 	- citadel <unfixed> (medium)
 CVE-2011-1755 [jabberd2 billion laughs]
 	RESERVED
 	- jabberd2 2.2.8-2.1 (medium)
 CVE-2011-1754 [jabberd14 billion laughs]
 	RESERVED
+	{DSA-2249-1}
 	- jabberd14 1.6.1.1-5.1
 CVE-2011-1753 [ejabberd billion laughs]
 	RESERVED
+	{DSA-2248-1}
 	- ejabberd 2.1.6-2.1 (medium)
-CVE-2011-1752 [subversion null pointer dereference]
-	RESERVED
+CVE-2011-1752 (The mod_dav_svn module for the Apache HTTP Server, as distributed in ...)
+	{DSA-2251-1}
 	- subversion 1.6.17dfsg-1
 CVE-2011-1751
 	RESERVED
+	{DSA-2241-1}
 	- qemu-kvm 0.14.1+dfsg-1
 	- kvm <undetermined>
 CVE-2011-1750 [virtio-blk: heap buffer overflow caused by unaligned requests]
@@ -1265,12 +1927,15 @@
 	[lenny] - nfs-utils <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=697975
 CVE-2011-1748 (The raw_release function in net/can/raw.c in the Linux kernel before ...)
+	{DSA-2264-1 DSA-2240-1}
 	- linux-2.6 <unfixed>
 CVE-2011-1747 (The agp subsystem in the Linux kernel 2.6.38.5 and earlier does not ...)
 	- linux-2.6 <unfixed> (low)
 CVE-2011-1746 (Multiple integer overflows in the (1) agp_allocate_memory and (2) ...)
+	{DSA-2264-1 DSA-2240-1}
 	- linux-2.6 2.6.38-5
 CVE-2011-1745 (Integer overflow in the agp_generic_insert_memory function in ...)
+	{DSA-2264-1 DSA-2240-1}
 	- linux-2.6 2.6.38-5
 CVE-2011-1744
 	RESERVED
@@ -1342,33 +2007,32 @@
 	NOT-FOR-US: Microsoft
 CVE-2011-1712 (The txXPathNodeUtils::getXSLTId function in ...)
 	- iceweasel <unfixed> (unimportant)
-CVE-2011-1711
+CVE-2011-1711 (Unspecified vulnerability in the Mobility Pack 1.1.2 and earlier in ...)
 	NOT-FOR-US: Mobility Pack 1.1.2 and earlier in Novell Data Synchronizer
 CVE-2011-1710
 	RESERVED
-CVE-2011-1709
-	RESERVED
+CVE-2011-1709 (GNOME Display Manager (gdm) before 2.32.2, when glib 2.28 is used, ...)
 	- gdm3 <not-affected> (Vulnerable code patched out in Debian package in sid, patched in 3.0.4 experimental)
 	- gdm <not-affected> (Vulnerable code not present)
-CVE-2011-1708
+CVE-2011-1708 (Stack-based buffer overflow in nipplib.dll in Novell iPrint Client ...)
 	NOT-FOR-US: Novell iPrint Client
-CVE-2011-1707
+CVE-2011-1707 (Stack-based buffer overflow in nipplib.dll in Novell iPrint Client ...)
 	NOT-FOR-US: Novell iPrint Client
-CVE-2011-1706
+CVE-2011-1706 (Stack-based buffer overflow in nipplib.dll in Novell iPrint Client ...)
 	NOT-FOR-US: Novell iPrint Client
-CVE-2011-1705
+CVE-2011-1705 (Heap-based buffer overflow in nipplib.dll in Novell iPrint Client ...)
 	NOT-FOR-US: Novell iPrint Client
-CVE-2011-1704
+CVE-2011-1704 (Heap-based buffer overflow in nipplib.dll in Novell iPrint Client ...)
 	NOT-FOR-US: Novell iPrint Client
-CVE-2011-1703
+CVE-2011-1703 (Heap-based buffer overflow in nipplib.dll in Novell iPrint Client ...)
 	NOT-FOR-US: Novell iPrint Client
-CVE-2011-1702
+CVE-2011-1702 (Heap-based buffer overflow in nipplib.dll in Novell iPrint Client ...)
 	NOT-FOR-US: Novell iPrint Client
-CVE-2011-1701
+CVE-2011-1701 (Heap-based buffer overflow in nipplib.dll in Novell iPrint Client ...)
 	NOT-FOR-US: Novell iPrint Client
-CVE-2011-1700
+CVE-2011-1700 (Heap-based buffer overflow in nipplib.dll in Novell iPrint Client ...)
 	NOT-FOR-US: Novell iPrint Client
-CVE-2011-1699
+CVE-2011-1699 (Heap-based buffer overflow in nipplib.dll in Novell iPrint Client ...)
 	NOT-FOR-US: Novell iPrint Client
 CVE-2011-1698
 	RESERVED
@@ -1496,19 +2160,19 @@
 	NOT-FOR-US: Enano CMS
 CVE-2010-4779 (Cross-site scripting (XSS) vulnerability in lib/includes/auth.inc.php ...)
 	NOT-FOR-US: WPtouch plugin for WordPress
-CVE-2011-1651
+CVE-2011-1651 (Cisco IOS XR 3.9.x and 4.0.x before 4.0.3 and 4.1.x before 4.1.1, when ...)
 	NOT-FOR-US: Cisco
 CVE-2011-1650
 	RESERVED
-CVE-2011-1649
+CVE-2011-1649 (The Internet Streamer application in Cisco Content Delivery System ...)
 	NOT-FOR-US: Cisco
 CVE-2011-1648
 	RESERVED
-CVE-2011-1647
+CVE-2011-1647 (The web management interface on the Cisco RVS4000 Gigabit Security ...)
 	NOT-FOR-US: Cisco
-CVE-2011-1646
+CVE-2011-1646 (The web management interface on the Cisco RVS4000 Gigabit Security ...)
 	NOT-FOR-US: Cisco
-CVE-2011-1645
+CVE-2011-1645 (The web management interface on the Cisco RVS4000 Gigabit Security ...)
 	NOT-FOR-US: Cisco
 CVE-2011-1644
 	RESERVED
@@ -1524,7 +2188,7 @@
 	RESERVED
 CVE-2011-1638
 	RESERVED
-CVE-2011-1637
+CVE-2011-1637 (Cisco Unified IP Phones 7900 devices (aka TNP phones) with software ...)
 	NOT-FOR-US: Cisco
 CVE-2011-1636
 	RESERVED
@@ -1552,7 +2216,7 @@
 	RESERVED
 CVE-2011-1624
 	RESERVED
-CVE-2011-1623
+CVE-2011-1623 (Cisco Media Processing Software before 1.2 on Media Experience Engine ...)
 	NOT-FOR-US: Cisco
 CVE-2011-1622
 	RESERVED
@@ -1592,9 +2256,9 @@
 	NOT-FOR-US: Cisco Unified Communications Manager
 CVE-2011-1604 (Memory leak in Cisco Unified Communications Manager (aka CUCM, ...)
 	NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2011-1603
+CVE-2011-1603 (Cisco Unified IP Phones 7900 devices (aka TNP phones) with software ...)
 	NOT-FOR-US: Cisco
-CVE-2011-1602
+CVE-2011-1602 (The su utility on Cisco Unified IP Phones 7900 devices (aka TNP ...)
 	NOT-FOR-US: Cisco
 CVE-2011-1601
 	RESERVED
@@ -1605,20 +2269,21 @@
 	- asterisk 1:1.8.3.3-1
 	[lenny] - asterisk <not-affected> (Vulnerable code not present)
 CVE-2011-1598 (The bcm_release function in net/can/bcm.c in the Linux kernel before ...)
+	{DSA-2264-1 DSA-2240-1}
 	- linux-2.6 2.6.38-5
 CVE-2011-1597
 	RESERVED
 	NOT-FOR-US: OpenVAS Manager
 CVE-2011-1596
 	RESERVED
-CVE-2011-1595
-	RESERVED
+CVE-2011-1595 (Directory traversal vulnerability in the disk_create function in ...)
 	- rdesktop 1.7.0-1 (low; bug #623552)
 	[squeeze] - rdesktop <no-dsa> (Minor issue)
 	[lenny] - rdesktop <no-dsa> (Minor issue)
 CVE-2011-1594
 	RESERVED
 CVE-2011-1593 (Multiple integer overflows in the next_pidmap function in kernel/pid.c ...)
+	{DSA-2264-1 DSA-2240-1}
 	- linux-2.6 2.6.38-4
 CVE-2011-1592 (The NFS dissector in epan/dissectors/packet-nfs.c in Wireshark 1.4.x ...)
 	- wireshark <not-affected> (Windows-specific)
@@ -1642,15 +2307,15 @@
 	[lenny] - kdenetwork <not-affected> (Metalink plugin not yet present)
 CVE-2011-1585
 	RESERVED
+	{DSA-2240-1}
 	- linux-2.6 <unfixed>
-CVE-2011-1584
-	RESERVED
+CVE-2011-1584 (The updateFile function in inc/core/class.dc.media.php in the Media ...)
+	TODO: check
 CVE-2011-1583
 	RESERVED
 CVE-2011-1582 (Apache Tomcat 7.0.12 and 7.0.13 processes the first request to a ...)
 	- tomcat6 <not-affected> (Only affects Tomcat 7)
-CVE-2011-1581
-	RESERVED
+CVE-2011-1581 (The bond_select_queue function in drivers/net/bonding/bond_main.c in ...)
 	- linux-2.6 <unfixed> (low)
 	[squeeze] - linux-2.6 <not-affected> (Introduced in 2.6.36)
 	[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.36)
@@ -1664,8 +2329,7 @@
 	- linux-2.6 <unfixed> (low)
 CVE-2011-1576
 	RESERVED
-CVE-2011-1575
-	RESERVED
+CVE-2011-1575 (The STARTTLS implementation in ftp_parser.c in Pure-FTPd before 1.0.30 ...)
 	- pure-ftpd 1.0.30-1
 	NOTE: http://www.pureftpd.org/project/pure-ftpd/news
 CVE-2011-1574 (Stack-based buffer overflow in the ReadS3M method in load_s3m.cpp in ...)
@@ -1827,8 +2491,7 @@
 CVE-2011-1518 (Multiple cross-site scripting (XSS) vulnerabilities in Open Ticket ...)
 	{DSA-2231-1}
 	- otrs2 2.4.10+dfsg1-1
-CVE-2011-1521 [python urllib]
-	RESERVED
+CVE-2011-1521 (The urllib and urllib2 modules in Python 2.x before 2.7.2 and 3.x ...)
 	- python3.1 <unfixed> (bug #628453)
 	- python3.2 3.2-3
 	- python2.7 2.7.1-7
@@ -1856,7 +2519,7 @@
 	RESERVED
 CVE-2011-1513
 	RESERVED
-CVE-2011-1512
+CVE-2011-1512 (Heap-based buffer overflow in xlssr.dll in Autonomy KeyView, as used ...)
 	NOT-FOR-US: Autonomy KeyView
 CVE-2011-1511
 	RESERVED
@@ -1915,11 +2578,14 @@
 	- tmux 1.4-6 (bug #620304)
 	NOTE: CVE id requested
 CVE-2011-1495 (drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux kernel 2.6.38 and ...)
+	{DSA-2240-1}
 	- linux-2.6 2.6.38-5 (unimportant)
 CVE-2011-1494 (Integer overflow in the _ctl_do_mpt_command function in ...)
+	{DSA-2240-1}
 	- linux-2.6 2.6.38-5 (unimportant)
 CVE-2011-1493
 	RESERVED
+	{DSA-2264-1 DSA-2240-1}
 	- linux-2.6 2.6.38-4
 CVE-2011-1492 (steps/utils/modcss.inc in Roundcube Webmail before 0.5.1 does not ...)
 	- roundcube 0.5.1-1
@@ -1943,15 +2609,14 @@
 	[squeeze] - rsyslog <no-dsa> (Minor issue)
 	[lenny] - rsyslog <no-dsa> (Minor issue)
 CVE-2011-1487 (The (1) lc, (2) lcfirst, (3) uc, and (4) ucfirst functions in Perl ...)
+	{DSA-2265-1}
 	- perl 5.10.1-20 (unimportant; bug #622817)
 	NOTE: http://nntp.perl.org/group/perl.perl5.porters/171010
-CVE-2011-1486
-	RESERVED
+CVE-2011-1486 (libvirtd in libvirt before 0.9.0 does not use thread-safe error ...)
 	- libvirt 0.9.0-1 (low; bug #623222)
 	[squeeze] - libvirt <no-dsa> (Minor issue)
 	[lenny] - libvirt <no-dsa> (Minor issue)
-CVE-2011-1485 [/proc race conditions when checking privileges for pkexec.]
-	RESERVED
+CVE-2011-1485 (Race condition in the pkexec utility and polkitd daemon in PolicyKit ...)
 	- policykit-1 0.101-4
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=692922
 	TODO: check
@@ -1972,12 +2637,15 @@
 	[squeeze] - linux-2.6 <not-affected> (Only affected 2.6.37 and 2.6.38)
 CVE-2011-1478
 	RESERVED
+	{DSA-2240-1}
 	- linux-2.6 2.6.38-1
 CVE-2011-1477
 	RESERVED
+	{DSA-2264-1 DSA-2240-1}
 	- linux-2.6 2.6.38-4
 CVE-2011-1476
 	RESERVED
+	{DSA-2240-1}
 	- linux-2.6 2.6.38-4
 CVE-2011-1475 (The HTTP BIO connector in Apache Tomcat 7.0.x before 7.0.12 does not ...)
 	- tomcat6 <not-affected> (Only affects Tomcat 7)
@@ -2088,6 +2756,7 @@
 	- webkit <undetermined>
 	NOTE: http://trac.webkit.org/changeset/81689
 CVE-2011-1444 (Race condition in the sandbox launcher implementation in Google Chrome ...)
+	{DSA-2245-1}
 	- chromium-browser 11.0.696.65~r84435-1
 	- webkit <undetermined>
 CVE-2011-1443 (Google Chrome before 11.0.696.57 does not properly implement layering, ...)
@@ -2106,6 +2775,7 @@
 	- webkit <undetermined>
 	NOTE: http://trac.webkit.org/changeset/80773 http://trac.webkit.org/changeset/81088
 CVE-2011-1440 (Use-after-free vulnerability in Google Chrome before 11.0.696.57 ...)
+	{DSA-2245-1}
 	- chromium-browser 11.0.696.65~r84435-1
 	- webkit <undetermined>
 CVE-2011-1439 (Google Chrome before 11.0.696.57 on Linux does not properly isolate ...)
@@ -2220,7 +2890,7 @@
 	{DSA-2219-1}
 	- xmlsec1 1.2.14-1.1 (bug #620560)
 	NOTE: http://www.aleksey.com/xmlsec/news.html
-CVE-2011-1424
+CVE-2011-1424 (The default configuration of ExShortcut\Web.config in EMC SourceOne ...)
 	NOT-FOR-US: EMC SourceOne Email Management
 CVE-2011-1423 (Cross-site scripting (XSS) vulnerability in RSA Data Loss Prevention ...)
 	NOT-FOR-US: RSA Data Loss Prevention Enterprise Manager
@@ -2257,6 +2927,7 @@
 	RESERVED
 CVE-2011-1409 [fex missing check for authid]
 	RESERVED
+	{DSA-2259-1}
 	- fex 20110610-1
 CVE-2011-1408
 	RESERVED
@@ -2265,14 +2936,19 @@
 	- exim4 4.76-1
 	[lenny] - exim4 <not-affected> (Vulnerable code not present)
 CVE-2011-1406 (Mahara before 1.3.6 does not properly handle an https URL in the ...)
+	{DSA-2246-1}
 	- mahara 1.3.6-1
 CVE-2011-1405 (Cross-site scripting (XSS) vulnerability in Mahara before 1.3.6 allows ...)
+	{DSA-2246-1}
 	- mahara 1.3.6-1
 CVE-2011-1404 (Mahara before 1.3.6 does not properly restrict the data in responses ...)
+	{DSA-2246-1}
 	- mahara 1.3.6-1
 CVE-2011-1403 (Cross-site request forgery (CSRF) vulnerability in the pieforms ...)
+	{DSA-2246-1}
 	- mahara 1.3.6-1
 CVE-2011-1402 (Mahara before 1.3.6 allows remote authenticated users to bypass ...)
+	{DSA-2246-1}
 	- mahara 1.3.6-1
 CVE-2011-1401 (ikiwiki before 3.20110328 does not ascertain whether the htmlscrubber ...)
 	{DSA-2214-1}
@@ -2421,9 +3097,9 @@
 	RESERVED
 CVE-2011-1330
 	RESERVED
-CVE-2011-1329
+CVE-2011-1329 (WalRack 1.x before 1.1.9 and 2.x before 2.0.7 does not properly ...)
 	NOT-FOR-US: WalRack
-CVE-2011-1328
+CVE-2011-1328 (SQL injection vulnerability in RADVISION iVIEW Suite before 7.5 allows ...)
 	NOT-FOR-US: RADVISION iVIEW Suite
 CVE-2011-1327 (The Keystroke Encryption feature in Trend Micro Internet Security 2009 ...)
 	NOT-FOR-US: Trend Micro Internet Security
@@ -2516,10 +3192,12 @@
 	- webkit <undetermined>
 	NOTE: http://trac.webkit.org/changeset/80144
 CVE-2011-1293 (Use-after-free vulnerability in the HTMLCollection implementation in ...)
+	{DSA-2245-1}
 	- chromium-browser 10.0.648.204~r79063-1
 	- webkit <undetermined>
 	NOTE: http://trac.webkit.org/changeset/80797
 CVE-2011-1292 (Use-after-free vulnerability in the frame-loader implementation in ...)
+	{DSA-2245-1}
 	- chromium-browser 10.0.648.204~r79063-1
 	- webkit <undetermined>
 	NOTE: http://trac.webkit.org/changeset/79808
@@ -2552,75 +3230,75 @@
 	RESERVED
 CVE-2011-1281
 	RESERVED
-CVE-2011-1280 (The XML Editor ... does not properly handle external entities ...)
+CVE-2011-1280 (The XML Editor in Microsoft InfoPath 2007 SP2 and 2010; SQL Server ...)
 	NOT-FOR-US: Microsoft InfoPath, SQL Server, SQL Server Management Studio Express, Visual Studio
-CVE-2011-1279 (... do not properly validate record information ...)
+CVE-2011-1279 (Microsoft Excel 2002 SP3 and 2003 SP3; Office 2004 and 2008 for Mac, ...)
 	NOT-FOR-US: Microsoft Excel, Office, Open XML File Format Converter
-CVE-2011-1278 (... do not properly validate record information ...)
+CVE-2011-1278 (Microsoft Excel 2002 SP3 and Office 2004 for Mac do not properly ...)
 	NOT-FOR-US: Microsoft Excel, Office
-CVE-2011-1277 (... do not properly validate record information ...)
+CVE-2011-1277 (Microsoft Excel 2002 SP3, Office 2008 for Mac, and Open XML File ...)
 	NOT-FOR-US: Microsoft Excel, Office, Open XML File Format Converter
-CVE-2011-1276 (Buffer overflow ...)
+CVE-2011-1276 (Buffer overflow in Microsoft Excel 2002 SP3, 2003 SP3, and 2007 SP2; ...)
 	NOT-FOR-US: Microsoft Excel, Office, Open XML File Format Converter, Excel Viewer, Office Compatibility Pack
-CVE-2011-1275 (... do not properly validate record information ...)
+CVE-2011-1275 (Microsoft Excel 2002 SP3; Office 2004, 2008, and 2011 for Mac; and ...)
 	NOT-FOR-US: Microsoft Excel, Office, Open XML File Format Converter
-CVE-2011-1274 (... do not properly validate record information ...)
+CVE-2011-1274 (Microsoft Excel 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 and 2008 ...)
 	NOT-FOR-US: Microsoft Excel, Office, Open XML File Format Converter, Excel Viewer, Office Compatibility Pack
-CVE-2011-1273 (... do not properly validate record information ...)
+CVE-2011-1273 (Microsoft Excel 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004, ...)
 	NOT-FOR-US: Microsoft Excel, Office, Open XML File Format Converter, Excel Viewer, Office Compatibility Pack
-CVE-2011-1272 (... do not properly validate record structures ...)
+CVE-2011-1272 (Microsoft Excel 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 and 2008 ...)
 	NOT-FOR-US: Microsoft Excel, Office, Open XML File Format Converter, Excel Viewer, Office Compatibility Pack
-CVE-2011-1271 (The JIT compiler in Microsoft .NET Framework before 4 beta 2, when ...)
+CVE-2011-1271 (The JIT compiler in Microsoft .NET Framework 3.5 Gold and SP1, 3.5.1, ...)
 	NOT-FOR-US: Microsoft .NET Framework
 CVE-2011-1270 (Buffer overflow in Microsoft PowerPoint 2002 SP3 and 2003 SP3 allows ...)
 	NOT-FOR-US: Microsoft PowerPoint 2002 SP3 and 2003 SP3
 CVE-2011-1269 (Microsoft PowerPoint 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 and ...)
 	NOT-FOR-US: Microsoft
-CVE-2011-1268 (The SMB client ... allows remote SMB servers to execute arbitrary ...)
+CVE-2011-1268 (The SMB client in Microsoft Windows XP SP2 and SP3, Windows Server ...)
 	NOT-FOR-US: Microsoft Windows
-CVE-2011-1267 (The SMB server ... allows remote attackers to cause a denial of service ...)
+CVE-2011-1267 (The SMB server in Microsoft Windows Vista SP1 and SP2, Windows Server ...)
 	NOT-FOR-US: Microsoft Windows
-CVE-2011-1266 (The Vector Markup Language (VML) implementation in vgx.dll ...)
+CVE-2011-1266 (The Vector Markup Language (VML) implementation in vgx.dll in ...)
 	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2011-1265
 	RESERVED
-CVE-2011-1264 (Cross-site scripting (XSS) vulnerability in Active Directory Certificate Services Web Enrollment  ...)
+CVE-2011-1264 (Cross-site scripting (XSS) vulnerability in Active Directory ...)
 	NOT-FOR-US: Microsoft Windows
 CVE-2011-1263
 	RESERVED
-CVE-2011-1262 (... does not properly handle objects in memory ...)
+CVE-2011-1262 (Microsoft Internet Explorer 7 through 9 does not properly handle ...)
 	NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-1261 (... does not properly handle objects in memory ...)
+CVE-2011-1261 (Microsoft Internet Explorer 6 through 9 does not properly handle ...)
 	NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-1260 (... does not properly handle objects in memory ...)
+CVE-2011-1260 (Microsoft Internet Explorer 8 and 9 does not properly handle objects ...)
 	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2011-1259
 	RESERVED
-CVE-2011-1258 (... does not properly restrict web script ...)
+CVE-2011-1258 (Microsoft Internet Explorer 6 through 8 does not properly restrict web ...)
 	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2011-1257
 	RESERVED
-CVE-2011-1256 (... does not properly handle objects in memory ...)
+CVE-2011-1256 (Microsoft Internet Explorer 6 through 8 does not properly handle ...)
 	NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-1255 (The Timed Interactive Multimedia Extensions ... does not properly handle objects in memory ...)
+CVE-2011-1255 (The Timed Interactive Multimedia Extensions (aka HTML+TIME) ...)
 	NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-1254 (... does not properly handle objects in memory ...)
+CVE-2011-1254 (Microsoft Internet Explorer 6 through 8 does not properly handle ...)
 	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2011-1253
 	RESERVED
-CVE-2011-1252 (Cross-site scripting (XSS) vulnerability in the toStaticHTML API ...)
+CVE-2011-1252 (Cross-site scripting (XSS) vulnerability in the toStaticHTML API in ...)
 	NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-1251 (... does not properly handle objects in memory ...)
+CVE-2011-1251 (Microsoft Internet Explorer 8 does not properly handle objects in ...)
 	NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-1250 (... does not properly handle objects in memory ...)
+CVE-2011-1250 (Microsoft Internet Explorer 6 through 9 does not properly handle ...)
 	NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-1249 (The Ancillary Function Driver (AFD) in afd.sys ... does not properly validate user-mode input ...)
+CVE-2011-1249 (The Ancillary Function Driver (AFD) in afd.sys in Microsoft Windows XP ...)
 	NOT-FOR-US: Microsoft Windows
 CVE-2011-1248 (WINS in Microsoft Windows Server 2003 SP2 and Server 2008 Gold, SP2, ...)
 	NOT-FOR-US: Microsoft Windows
 CVE-2011-1247
 	RESERVED
-CVE-2011-1246 (... does not properly handle content settings in HTTP responses ...)
+CVE-2011-1246 (Microsoft Internet Explorer 8 does not properly handle content ...)
 	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2011-1245 (Microsoft Internet Explorer 6 and 7 does not properly restrict script ...)
 	NOT-FOR-US: Microsoft Internet Explorer
@@ -2676,21 +3354,21 @@
 	RESERVED
 CVE-2011-1221
 	RESERVED
-CVE-2011-1220
+CVE-2011-1220 (Stack-based buffer overflow in lcfd.exe in Tivoli Endpoint in IBM ...)
 	NOT-FOR-US: IBM Tivoli Management Framework
 CVE-2011-1219
 	RESERVED
-CVE-2011-1218
+CVE-2011-1218 (Buffer overflow in kvarcve.dll in Autonomy KeyView, as used in IBM ...)
 	NOT-FOR-US: Autonomy KeyView
-CVE-2011-1217
+CVE-2011-1217 (Buffer overflow in kpprzrdr.dll in Autonomy KeyView, as used in IBM ...)
 	NOT-FOR-US: Autonomy KeyView
-CVE-2011-1216
+CVE-2011-1216 (Stack-based buffer overflow in assr.dll in Autonomy KeyView, as used ...)
 	NOT-FOR-US: Autonomy KeyView
-CVE-2011-1215
+CVE-2011-1215 (Stack-based buffer overflow in mw8sr.dll in Autonomy KeyView, as used ...)
 	NOT-FOR-US: Autonomy KeyView
-CVE-2011-1214
+CVE-2011-1214 (Stack-based buffer overflow in rtfsr.dll in Autonomy KeyView, as used ...)
 	NOT-FOR-US: Autonomy KeyView
-CVE-2011-1213
+CVE-2011-1213 (Integer underflow in lzhsr.dll in Autonomy KeyView, as used in IBM ...)
 	NOT-FOR-US: Autonomy KeyView
 CVE-2011-1212
 	RESERVED
@@ -2834,16 +3512,18 @@
 	- tomcat6 <not-affected> (Only affects Tomcat 7)
 CVE-2011-1182
 	RESERVED
+	{DSA-2264-1 DSA-2240-1}
 	- linux-2.6 2.6.38-2
 CVE-2011-1181 [missing error handling in linux netdev]
 	RESERVED
 	- linux-2.6 <not-affected> (No security issue, see http://marc.info/?l=linux-netdev&m=130075091711143&w=2)
 CVE-2011-1180
 	RESERVED
+	{DSA-2264-1 DSA-2240-1}
 	- linux-2.6 2.6.38-4
 CVE-2011-1179 (The SPICE Firefox plug-in (spice-xpi) 2.4, 2.3, 2.2, and possibly ...)
 	NOT-FOR-US: SPICE Firefox plug-in
-CVE-2011-1178 (Multiple integer overflows in the load_image function in file-pcx.c ...)
+CVE-2011-1178 (Multiple integer overflows in the load_image function in file-pcx.c in ...)
 	- gimp 2.6.10-1
 	NOTE: Likely fixed earlier, but only the squeeze version was checked 
 CVE-2011-1177
@@ -2863,15 +3543,19 @@
 	[lenny] - asterisk <not-affected> (Vulnerable code not present)
 CVE-2011-1173
 	RESERVED
+	{DSA-2264-1 DSA-2240-1}
 	- linux-2.6 2.6.38-4 (low)
 CVE-2011-1172
 	RESERVED
+	{DSA-2264-1 DSA-2240-1}
 	- linux-2.6 2.6.38-4 (low)
 CVE-2011-1171
 	RESERVED
+	{DSA-2264-1 DSA-2240-1}
 	- linux-2.6 2.6.38-4 (low)
 CVE-2011-1170
 	RESERVED
+	{DSA-2264-1 DSA-2240-1}
 	- linux-2.6 2.6.38-4 (low)
 CVE-2011-1169 (Array index error in the asihpi_hpi_ioctl function in ...)
 	- linux-2.6 2.6.38-2
@@ -2893,6 +3577,7 @@
 CVE-2011-1164
 	RESERVED
 CVE-2011-1163 (The osf_partition function in fs/partitions/osf.c in the Linux kernel ...)
+	{DSA-2264-1 DSA-2240-1}
 	- linux-2.6 2.6.38-1
 CVE-2011-1162
 	RESERVED
@@ -2902,6 +3587,7 @@
 	- linux-2.6 <unfixed> (low)
 CVE-2011-1160
 	RESERVED
+	{DSA-2264-1 DSA-2240-1}
 	- linux-2.6 2.6.38-4 (low)
 CVE-2011-1159
 	RESERVED
@@ -3173,6 +3859,7 @@
 	[lenny] - pidgin <no-dsa> (Minor issue)
 	[squeeze] - pidgin <no-dsa> (Minor issue)
 CVE-2011-1090 (The __nfs4_proc_set_acl function in fs/nfs/nfs4proc.c in the Linux ...)
+	{DSA-2264-1 DSA-2240-1}
 	- linux-2.6 2.6.38-1 (low)
 CVE-2011-1089 (The addmntent function in the GNU C Library (aka glibc or libc6) 2.13 ...)
 	- glibc <removed>
@@ -3204,14 +3891,17 @@
 	[squeeze] - openldap <no-dsa> (Minor issue)
 CVE-2011-1080
 	RESERVED
+	{DSA-2264-1 DSA-2240-1}
 	- linux-2.6 2.6.38-4 (low)
 CVE-2011-1079
 	RESERVED
+	{DSA-2264-1 DSA-2240-1}
 	- linux-2.6 2.6.38-4 (low)
 CVE-2011-1078
 	RESERVED
+	{DSA-2240-1}
 	- linux-2.6 2.6.38-4 (low)
-CVE-2011-1077
+CVE-2011-1077 (Multiple cross-site scripting (XSS) vulnerabilities in Apache Archiva ...)
 	NOT-FOR-US: Apache Archiva
 CVE-2011-1076
 	RESERVED
@@ -3362,7 +4052,7 @@
 	RESERVED
 CVE-2011-1027 (Off-by-one error in the convert_query_hexchar function in html.c in ...)
 	NOT-FOR-US: cgit
-CVE-2011-1026
+CVE-2011-1026 (Multiple cross-site request forgery (CSRF) vulnerabilities in Apache ...)
 	NOT-FOR-US: Apache Archiva
 CVE-2011-1025 (bind.cpp in back-ndb in OpenLDAP 2.4.x before 2.4.24 does not require ...)
 	- openldap 2.4.25-1 (unimportant; bug #617606)
@@ -3395,8 +4085,10 @@
 	{DSA-2182-1}
 	- logwatch 7.3.6.cvs20090906-2 (bug #615995)
 CVE-2011-1017 (Heap-based buffer overflow in the ldm_frag_add function in ...)
+	{DSA-2240-1}
 	- linux-2.6 2.6.38-5
 CVE-2011-1016 (The Radeon GPU drivers in the Linux kernel before 2.6.38-rc5 do not ...)
+	{DSA-2240-1}
 	- linux-2.6 2.6.38-1
 CVE-2011-1015 (The is_cgi method in CGIHTTPServer.py in the CGIHTTPServer module in ...)
 	- python2.6 <unfixed> (low; bug #614860)
@@ -3646,7 +4338,7 @@
 	NOT-FOR-US: Cisco ACS
 CVE-2011-0950
 	RESERVED
-CVE-2011-0949
+CVE-2011-0949 (Cisco IOS XR 3.6.x, 3.8.x before 3.8.3, and 3.9.x before 3.9.1 does ...)
 	NOT-FOR-US: Cisco
 CVE-2011-0948
 	RESERVED
@@ -3658,7 +4350,7 @@
 	RESERVED
 CVE-2011-0944
 	RESERVED
-CVE-2011-0943
+CVE-2011-0943 (Cisco IOS XR 3.8.3, 3.8.4, and 3.9.1 allows remote attackers to cause ...)
 	NOT-FOR-US: Cisco
 CVE-2011-0942
 	RESERVED
@@ -3810,69 +4502,59 @@
 	RESERVED
 CVE-2011-0874
 	RESERVED
-CVE-2011-0873
-	RESERVED
+CVE-2011-0873 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
 	[lenny] - sun-java6 <no-dsa> (non-free not supported)
 	[squeeze] - sun-java6 <no-dsa> (non-free not supported)
 	- sun-java6 6.26-1 (bug #629852)
 	- openjdk-6 <undetermined> (bug #629852)
-CVE-2011-0872
-	RESERVED
+CVE-2011-0872 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
 	[lenny] - sun-java6 <no-dsa> (non-free not supported)
 	[squeeze] - sun-java6 <no-dsa> (non-free not supported)
 	- sun-java6 6.26-1 (bug #629852)
 	- openjdk-6 <undetermined> (bug #629852)
-CVE-2011-0871
-	RESERVED
+CVE-2011-0871 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
 	[lenny] - sun-java6 <no-dsa> (non-free not supported)
 	[squeeze] - sun-java6 <no-dsa> (non-free not supported)
 	- sun-java6 6.26-1 (bug #629852)
 	- openjdk-6 <undetermined> (bug #629852)
 CVE-2011-0870
 	RESERVED
-CVE-2011-0869
-	RESERVED
+CVE-2011-0869 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
 	[lenny] - sun-java6 <no-dsa> (non-free not supported)
 	[squeeze] - sun-java6 <no-dsa> (non-free not supported)
 	- sun-java6 6.26-1 (bug #629852)
 	- openjdk-6 <undetermined> (bug #629852)
-CVE-2011-0868 (Unspecified vulnerability in the Java Runtime Environment ...)
+CVE-2011-0868 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
 	[lenny] - sun-java6 <no-dsa> (non-free not supported)
 	[squeeze] - sun-java6 <no-dsa> (non-free not supported)
 	- sun-java6 <undetermined>
 	- openjdk-6 <undetermined>
-CVE-2011-0867
-	RESERVED
+CVE-2011-0867 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
 	[lenny] - sun-java6 <no-dsa> (non-free not supported)
 	[squeeze] - sun-java6 <no-dsa> (non-free not supported)
 	- sun-java6 6.26-1 (bug #629852)
 	- openjdk-6 <undetermined> (bug #629852)
-CVE-2011-0866
-	RESERVED
+CVE-2011-0866 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
 	[lenny] - sun-java6 <no-dsa> (non-free not supported)
 	[squeeze] - sun-java6 <no-dsa> (non-free not supported)
 	- sun-java6 6.26-1 (bug #629852)
 	- openjdk-6 <undetermined> (bug #629852)
-CVE-2011-0865
-	RESERVED
+CVE-2011-0865 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
 	[lenny] - sun-java6 <no-dsa> (non-free not supported)
 	[squeeze] - sun-java6 <no-dsa> (non-free not supported)
 	- sun-java6 6.26-1 (bug #629852)
 	- openjdk-6 <undetermined> (bug #629852)
-CVE-2011-0864
-	RESERVED
+CVE-2011-0864 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
 	[lenny] - sun-java6 <no-dsa> (non-free not supported)
 	[squeeze] - sun-java6 <no-dsa> (non-free not supported)
 	- sun-java6 6.26-1 (bug #629852)
 	- openjdk-6 <undetermined> (bug #629852)
-CVE-2011-0863
-	RESERVED
+CVE-2011-0863 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
 	[lenny] - sun-java6 <no-dsa> (non-free not supported)
 	[squeeze] - sun-java6 <no-dsa> (non-free not supported)
 	- sun-java6 6.26-1 (bug #629852)
 	- openjdk-6 <undetermined> (bug #629852)
-CVE-2011-0862
-	RESERVED
+CVE-2011-0862 (Multiple unspecified vulnerabilities in the Java Runtime Environment ...)
 	[lenny] - sun-java6 <no-dsa> (non-free not supported)
 	[squeeze] - sun-java6 <no-dsa> (non-free not supported)
 	- sun-java6 6.26-1 (bug #629852)
@@ -3965,22 +4647,19 @@
 	NOT-FOR-US: Oracle JD Edwards EnterpriseOne
 CVE-2011-0818 (Unspecified vulnerability in Oracle JD Edwards EnterpriseOne Tools 8.9 ...)
 	NOT-FOR-US: Oracle JD Edwards EnterpriseOne
-CVE-2011-0817
-	RESERVED
+CVE-2011-0817 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
 	[lenny] - sun-java6 <no-dsa> (non-free not supported)
 	[squeeze] - sun-java6 <no-dsa> (non-free not supported)
 	- sun-java6 6.26-1 (bug #629852)
 	- openjdk-6 <undetermined> (bug #629852)
 CVE-2011-0816
 	RESERVED
-CVE-2011-0815
-	RESERVED
+CVE-2011-0815 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
 	[lenny] - sun-java6 <no-dsa> (non-free not supported)
 	[squeeze] - sun-java6 <no-dsa> (non-free not supported)
 	- sun-java6 6.26-1 (bug #629852)
 	- openjdk-6 <undetermined> (bug #629852)
-CVE-2011-0814
-	RESERVED
+CVE-2011-0814 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
 	[lenny] - sun-java6 <no-dsa> (non-free not supported)
 	[squeeze] - sun-java6 <no-dsa> (non-free not supported)
 	- sun-java6 6.26-1 (bug #629852)
@@ -4007,8 +4686,7 @@
 	NOT-FOR-US: Oracle Database Server
 CVE-2011-0803 (Unspecified vulnerability in the JD Edwards EnterpriseOne Tools ...)
 	NOT-FOR-US: Oracle JD Edwards Products
-CVE-2011-0802
-	RESERVED
+CVE-2011-0802 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
 	[lenny] - sun-java6 <no-dsa> (non-free not supported)
 	[squeeze] - sun-java6 <no-dsa> (non-free not supported)
 	- sun-java6 6.26-1 (bug #629852)
@@ -4039,16 +4717,14 @@
 	NOT-FOR-US: Oracle Solaris
 CVE-2011-0789 (Unspecified vulnerability in the Oracle HTTP Server component in ...)
 	NOT-FOR-US: Oracle Fusion Middleware
-CVE-2011-0788
-	RESERVED
+CVE-2011-0788 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
 	[lenny] - sun-java6 <no-dsa> (non-free not supported)
 	[squeeze] - sun-java6 <no-dsa> (non-free not supported)
 	- sun-java6 6.26-1 (bug #629852)
 	- openjdk-6 <undetermined> (bug #629852)
 CVE-2011-0787 (Unspecified vulnerability in the Application Service Level Management ...)
 	NOT-FOR-US: Oracle
-CVE-2011-0786
-	RESERVED
+CVE-2011-0786 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
 	[lenny] - sun-java6 <no-dsa> (non-free not supported)
 	[squeeze] - sun-java6 <no-dsa> (non-free not supported)
 	- sun-java6 6.26-1 (bug #629852)
@@ -4143,10 +4819,9 @@
 	RESERVED
 CVE-2011-0768
 	RESERVED
-CVE-2011-0767
-	RESERVED
-CVE-2011-0766 [Erlang OTP broken random number generator in SSH implementation]
-	RESERVED
+CVE-2011-0767 (Cross-site scripting (XSS) vulnerability in the management GUI in the ...)
+	TODO: check
+CVE-2011-0766 (The random number generator in the Crypto application before 2.0.2.2, ...)
 	- erlang <unfixed> (bug #628456)
 	NOTE: http://www.kb.cert.org/vuls/id/178990
 	NOTE: https://github.com/erlang/otp/commit/f228601de45c5
@@ -4265,8 +4940,8 @@
 	NOT-FOR-US: IBM Tivoli Integrated Portal
 CVE-2011-0731 (Buffer overflow in the DB2 Administration Server (DAS) component in ...)
 	NOT-FOR-US: IBM DB2
-CVE-2011-0730
-	RESERVED
+CVE-2011-0730 (Eucalyptus before 2.0.3 and Eucalyptus EE before 2.0.2, as used in ...)
+	TODO: check
 CVE-2011-0729 (dbus_backend/ls-dbus-backend in the D-Bus backend in language-selector ...)
 	NOT-FOR-US: Ubuntu-specific language-selector package
 CVE-2011-0728 (Cross-site scripting (XSS) vulnerability in templatefunctions.py in ...)
@@ -4277,6 +4952,7 @@
 	- gdm <not-affected> (Affected code was introduced in 2.28)
 CVE-2011-0726
 	RESERVED
+	{DSA-2264-1 DSA-2240-1}
 	- linux-2.6 2.6.38-2
 	[lenny] - linux-2.6 2.6.26-26lenny3
 	[squeeze] - linux-2.6 2.6.32-32
@@ -4340,6 +5016,7 @@
 	[wheezy] - linux-2.6 2.6.32-31
 	[squeeze] - linux-2.6 2.6.32-31
 CVE-2011-0711 (The xfs_fs_geometry function in fs/xfs/xfs_fsops.c in the Linux kernel ...)
+	{DSA-2264-1 DSA-2240-1}
 	- linux-2.6 <unfixed> (low)
 CVE-2011-0710 (The task_show_regs function in arch/s390/kernel/traps.c in the Linux ...)
 	- linux-2.6 2.6.37-2 (low)
@@ -4405,6 +5082,7 @@
 	NOTE: http://www.djangoproject.com/weblog/2011/feb/08/security/
 	[squeeze] - python-django 1.2.3-3+squeeze1
 CVE-2011-0695 (Race condition in the cm_work_handler function in the InfiniBand ...)
+	{DSA-2264-1 DSA-2240-1}
 	- linux-2.6 2.6.38-2
 CVE-2011-0694 (RealNetworks RealPlayer 11.0 through 11.1, SP 1.0 through 1.1.5, and ...)
 	NOT-FOR-US: RealPlayer
@@ -4480,7 +5158,7 @@
 	NOT-FOR-US: Microsoft Windows
 CVE-2011-0665 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
 	NOT-FOR-US: Microsoft Windows
-CVE-2011-0664 (... does not properly validate arguments to unspecified networking API functions ...)
+CVE-2011-0664 (Microsoft .NET Framework 2.0 SP1 and SP2, 3.5 Gold and SP1, 3.5.1, and ...)
 	NOT-FOR-US: Microsoft .NET Framework, Silverlight
 CVE-2011-0663 (Multiple integer overflows in the Microsoft (1) JScript 5.6 through ...)
 	NOT-FOR-US: Microsoft JScript
@@ -4492,7 +5170,7 @@
 	NOT-FOR-US: Microsoft Windows
 CVE-2011-0659
 	RESERVED
-CVE-2011-0658 (Integer underflow in the OLE Automation protocol implementation in VBScript.dll ...)
+CVE-2011-0658 (Integer underflow in the OLE Automation protocol implementation in ...)
 	NOT-FOR-US: Microsoft Windows
 CVE-2011-0657 (DNSAPI.dll in the DNS client in Microsoft Windows XP SP2 and SP3, ...)
 	NOT-FOR-US: Microsoft Windows
@@ -4587,10 +5265,10 @@
 	RESERVED
 CVE-2011-0630
 	RESERVED
-CVE-2011-0629 (Cross-site request forgery (CSRF) vulnerability ...)
+CVE-2011-0629 (Cross-site request forgery (CSRF) vulnerability in Adobe ColdFusion ...)
 	NOT-FOR-US: Adobe ColdFusion
-CVE-2011-0628
-	RESERVED
+CVE-2011-0628 (Integer overflow in Adobe Flash Player before 10.3.181.14 on Windows, ...)
+	TODO: check
 CVE-2011-0627 (Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and ...)
 	NOT-FOR-US: Adobe Flash Player
 CVE-2011-0626 (Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and ...)
@@ -4753,7 +5431,7 @@
 	RESERVED
 CVE-2011-0547
 	RESERVED
-CVE-2011-0546
+CVE-2011-0546 (Symantec Backup Exec 11.0, 12.0, 12.5, 13.0, and 13.0 R2 does not ...)
 	NOT-FOR-US: Symantec Backup Exec
 CVE-2011-0545 (Cross-site request forgery (CSRF) vulnerability in adduser.do in ...)
 	NOT-FOR-US: Symantec LiveUpdate Administrator
@@ -5045,8 +5723,10 @@
 CVE-2011-0448 (Ruby on Rails 3.0.x before 3.0.4 does not ensure that arguments to the ...)
 	- rails <not-affected> (Only affects 3.x)
 CVE-2011-0447 (Ruby on Rails 2.1.x, 2.2.x, and 2.3.x before 2.3.11, and 3.x before ...)
+	{DSA-2247-1}
 	- rails 2.3.11-0.1 (bug #614864)
 CVE-2011-0446 (Multiple cross-site scripting (XSS) vulnerabilities in the mail_to ...)
+	{DSA-2247-1}
 	- rails 2.3.11-0.1 (bug #614864)
 CVE-2010-4695 (A certain Fedora patch for gif2png.c in gif2png 2.5.1 and 2.5.2, as ...)
 	- gif2png 2.5.4-2 (low; bug #610479)
@@ -5140,8 +5820,7 @@
 CVE-2011-0419 (Stack consumption vulnerability in the fnmatch implementation in ...)
 	{DSA-2237-2}
 	- apr 1.4.4-1 (low)
-CVE-2011-0418
-	RESERVED
+CVE-2011-0418 (The glob implementation in Pure-FTPd before 1.0.32, and in libc in ...)
 	- pure-ftpd <unfixed>
 	TODO: File bug
 CVE-2011-0417
@@ -5322,7 +6001,7 @@
 	RESERVED
 CVE-2011-0336
 	RESERVED
-CVE-2011-0335 (Dirapi.dll ... allows attackers to execute arbitrary code or cause a denial of service ...)
+CVE-2011-0335 (Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows ...)
 	NOT-FOR-US: Adobe Shockwave Player
 CVE-2011-0334
 	RESERVED
@@ -5352,13 +6031,13 @@
 	NOT-FOR-US: EMC RSA Access Manager Server
 CVE-2011-0321 (librpc.dll in nsrexecd in EMC NetWorker before 7.5 SP4, 7.5.3.x before ...)
 	NOT-FOR-US: EMC NetWorker
-CVE-2011-0320 (Dirapi.dll ... allows attackers to execute arbitrary code or cause a denial of service ...)
+CVE-2011-0320 (Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows ...)
 	NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-0319 (Dirapi.dll ... allows attackers to execute arbitrary code or cause a denial of service ...)
+CVE-2011-0319 (Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows ...)
 	NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-0318 (Dirapi.dll ... allows attackers to execute arbitrary code or cause a denial of service ...)
+CVE-2011-0318 (Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows ...)
 	NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-0317 (Dirapi.dll ... allows attackers to execute arbitrary code or cause a denial of service ...)
+CVE-2011-0317 (Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows ...)
 	NOT-FOR-US: Adobe Shockwave Player
 CVE-2011-0316 (The Administrative Console component in IBM WebSphere Application ...)
 	NOT-FOR-US: IBM WebSphere Application Server
@@ -5539,8 +6218,8 @@
 	TODO: check
 CVE-2010-4664
 	RESERVED
-CVE-2010-4663
-	RESERVED
+CVE-2010-4663 (Unspecified vulnerability in the News module in CMS Made Simple ...)
+	TODO: check
 CVE-2010-4662
 	RESERVED
 CVE-2010-4661 [arbitrary kernel module loading]
@@ -6183,8 +6862,7 @@
 	RESERVED
 CVE-2011-0083
 	RESERVED
-CVE-2011-0082
-	RESERVED
+CVE-2011-0082 (The X.509 certificate validation functionality in Mozilla Firefox ...)
 	- xulrunner <removed>
 	- iceweasel <unfixed> (low; bug #627552)
 CVE-2011-0081 (Unspecified vulnerability in the browser engine in Mozilla Firefox ...)
@@ -6697,14 +7375,15 @@
 	RESERVED
 CVE-2009-5025
 	RESERVED
-CVE-2009-5024
-	RESERVED
+CVE-2009-5024 (ViewVC before 1.1.11 allows remote attackers to bypass the cvsdb ...)
+	TODO: check
 CVE-2009-5023 [fail2ban: Insecure creating/writing to tmpfile]
 	RESERVED
 	- fail2ban 0.8.4+svn20110323-1 (low; bug #544232)
 	[lenny] - fail2ban <no-dsa> (Minor issue)
 	[squeeze] - fail2ban <no-dsa> (Minor issue)
 CVE-2009-5022 (Heap-based buffer overflow in tif_ojpeg.c in the OJPEG decoder in ...)
+	{DSA-2256-1}
 	- tiff 3.9.5-1 (bug #624287)
 	[lenny] - tiff <not-affected> (3.9+ only)
 	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=1999
@@ -7503,6 +8182,7 @@
 	[lenny] - clamav <not-affected> (Introduced in 3643f3d2b0a38fdc7bc6777d093c857b9760804e)
 	NOTE: Fixed in 019f1955194360600ecf0644959ceca6734c2d7b
 CVE-2010-4259 (Stack-based buffer overflow in FontForge 20100501 allows remote ...)
+	{DSA-2253-1}
 	- fontforge 0.0.20100501-4 (bug #605537)
 CVE-2010-4258 (The do_exit function in kernel/exit.c in the Linux kernel before ...)
 	{DSA-2153-1}
@@ -7523,8 +8203,7 @@
 CVE-2010-4252 (OpenSSL before 1.0.0c, when J-PAKE is enabled, does not properly ...)
 	- openssl <not-affected> (configured with -DOPENSSL_NO_JPAKE; bug #606902)
 	NOTE: http://www.openssl.org/news/secadv_20101202.txt
-CVE-2010-4251
-	RESERVED
+CVE-2010-4251 (The socket implementation in net/core/sock.c in the Linux kernel ...)
 	- linux-2.6 <not-affected> (introduced after 2.6.32; fixed in 2.6.37)
 CVE-2010-4250 [linux inotify memory leak]
 	RESERVED
@@ -8470,7 +9149,7 @@
 	{DSA-2126-1}
 	- linux-2.6 2.6.32-30 (low)
 CVE-2010-3875 (The ax25_getname function in net/ax25/af_ax25.c in the Linux kernel ...)
-	{DSA-2126-1}
+	{DSA-2264-1 DSA-2240-1 DSA-2126-1}
 	- linux-2.6 2.6.32-30 (low)
 CVE-2010-3874 (Heap-based buffer overflow in the bcm_connect function in ...)
 	{DSA-2126-1}
@@ -13007,8 +13686,7 @@
 	RESERVED
 	- makepasswd 1.10-5 (low; bug #564559)
 	[lenny] - makepasswd 1.10-3+lenny1
-CVE-2010-2246 [feh --wget-timestamp issue]
-	RESERVED
+CVE-2010-2246 (feh before 1.8, when the --wget-timestamp option is enabled, might ...)
 	- feh 1.8-1 (low; bug #587205)
 	[lenny] - feh <no-dsa> (Minor issue)
 CVE-2010-2245
@@ -21068,6 +21746,7 @@
 	- mysql-dfsg-5.1 <unfixed> (low; bug #569484)
 	- mysql-dfsg-5.0 <not-affected> (Vulnerable code not present)
 CVE-2009-4214 (Cross-site scripting (XSS) vulnerability in the strip_tags function in ...)
+	{DSA-2260-1}
 	- rails 2.2.3-2 (low; bug #558685)
 	NOTE: http://groups.google.com/group/rubyonrails-security/browse_thread/thread/4d4f71f2aef4c0ab?pli=1
 CVE-2008-7248 (Ruby on Rails 2.1 before 2.1.3 and 2.2.x before 2.2.2 does not verify ...)
@@ -21289,8 +21968,8 @@
 	{DSA-1968-1}
 	- pdns-recursor 3.1.7.2-1 (high)
 	[etch] - pdns-recursor <not-affected> (vulnerable code not present)
-CVE-2009-4008 [Unbound DNSSEC validation failure induced by crafted queries]
-	RESERVED
+CVE-2009-4008 (Unbound before 1.4.4 does not send responses for signed zones after ...)
+	{DSA-2243-1}
 	- unbound 1.4.4-1 (low)
 CVE-2009-4007 (Unspecified vulnerability in the NormaliseTrainConsist function in ...)
 	- openttd 0.7.5-1
@@ -24181,6 +24860,7 @@
 CVE-2009-3087 (Unspecified vulnerability in nserver.exe in the server in IBM Lotus ...)
 	NOT-FOR-US: IBM Lotus Domino
 CVE-2009-3086 (A certain algorithm in Ruby on Rails 2.1.0 through 2.2.2, and 2.3.x ...)
+	{DSA-2260-1}
 	- rails 2.2.3-1 (low; bug #545063)
 	[etch] - rails <no-dsa> (Minor issue)
 CVE-2009-3085 (The XMPP protocol plugin in libpurple in Pidgin before 2.6.2 does not ...)




More information about the Secure-testing-commits mailing list