[Secure-testing-commits] r16860 - data/CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Wed Jun 29 18:00:36 UTC 2011 

Author: jmm
Date: 2011-06-29 18:00:35 +0000 (Wed, 29 Jun 2011)
New Revision: 16860

Modified:
   data/CVE/list
Log:
new kernel issue
dokuwiki fixed, fixup description
asterisk fixed, fixup severity
kfreebsd fixed, icedove fixed


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2011-06-29 17:58:07 UTC (rev 16859)
+++ data/CVE/list	2011-06-29 18:00:35 UTC (rev 16860)
@@ -1,7 +1,7 @@
 CVE-2011-XXXX [pyro: pidfile in /tmp, opened insecurely]
 	- pyro <unfixed> (bug #631912)
 CVE-2011-2534 (Buffer overflow in the clusterip_proc_write function in ...)
-	TODO: check
+	- linux-2.6 2.6.39-1 (low)
 CVE-2011-2533 (The configure script in D-Bus (aka DBus) 1.2.x before 1.2.28 allows ...)
 	TODO: check
 CVE-2011-2532 (The json.decode function in util/json.lua in Prosody 0.8.x before ...)
@@ -10,25 +10,23 @@
 	TODO: check
 CVE-2011-2530 (Buffer overflow in RSEds.dll in RSHWare.exe in the EDS Hardware ...)
 	TODO: check
-CVE-2011-XXXX [dokuwiki ACL bypass]
-	- dokuwiki <unfixed> (low; bug #631818)
+CVE-2011-XXXX [dokuwiki XSS in RSS code]
+	- dokuwiki 0.0.20110525a-1 (low; bug #631818)
 	[squeeze] - dokuwiki <no-dsa> (Minor issue)
 	[lenny] - dokuwiki <no-dsa> (Minor issue)
+	NOTE: CVE Id requested
 CVE-2011-XXXX [asterisk: AST-2011-009 - crash on malformed SIP packet]
-	- asterisk <unfixed> (bug #631445)
+	- asterisk 1:1.8.4.3-1 (bug #631445)
 	[squeeze] - asterisk <not-affected>
 	[lenny] - asterisk <not-affected>
 CVE-2011-2535 [asterisk: AST-2011-010 - crash due to using remote pointers]
 	RESERVED
-	- asterisk <unfixed> (bug #631448)
+	- asterisk 1:1.8.4.3-1 (bug #631448)
 	[squeeze] - asterisk <not-affected>
 	[lenny] - asterisk <not-affected>
 CVE-2011-2529 [asterisk: AST-2011-008 - remote unauthenticated, null character]
 	RESERVED
-	- asterisk <unfixed> (unimportant; bug #631446)
-	[squeeze] - asterisk <no-dsa> (DoS issue)
-	[lenny] - asterisk <not-affected>
-	NOTE: DoS
+	- asterisk 1:1.8.4.3-1 (bug #631446)
 CVE-2011-2528
 	RESERVED
 CVE-2011-2527
@@ -143,8 +141,8 @@
 	RESERVED
 CVE-2011-2480 [kfreebsd info disclosure]
 	RESERVED
-	- kfreebsd-9 <unfixed> (bug #631160)
-	- kfreebsd-8 <unfixed> (bug #631161)
+	- kfreebsd-9 9.0~svn223502-1 (bug #631160)
+	- kfreebsd-8 8.2-3 (bug #631161)
 	- kfreebsd-7 <removed>
 CVE-2011-2479
 	RESERVED
@@ -338,7 +336,7 @@
 	[lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner from the xulrunner source pkg)
 	- iceape <unfixed>
 	[lenny] - iceape <not-affected> (Only a stub package)
-	- icedove <unfixed>
+	- icedove 3.1.11-1
 CVE-2011-2376
 	RESERVED
 	- xulrunner <removed>
@@ -346,7 +344,7 @@
 	[lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner from the xulrunner source pkg)
 	- iceape <unfixed>
 	[lenny] - iceape <not-affected> (Only a stub package)
-	- icedove <unfixed>
+	- icedove 3.1.11-1
 CVE-2011-2375
 	RESERVED
 	- xulrunner <not-affected> (Only affects Firefox 5.0, not yet in unstable)
@@ -358,7 +356,7 @@
 	[lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner from the xulrunner source pkg)
 	- iceape <unfixed>
 	[lenny] - iceape <not-affected> (Only a stub package)
-	- icedove <unfixed>
+	- icedove 3.1.11-1
 CVE-2011-2373
 	RESERVED
 	- xulrunner <removed>
@@ -366,7 +364,7 @@
 	[lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner from the xulrunner source pkg)
 	- iceape <unfixed>
 	[lenny] - iceape <not-affected> (Only a stub package)
-	- icedove <unfixed>
+	- icedove 3.1.11-1
 CVE-2011-2372
 	RESERVED
 CVE-2011-2371
@@ -376,7 +374,7 @@
 	[lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner from the xulrunner source pkg)
 	- iceape <unfixed>
 	[lenny] - iceape <not-affected> (Only a stub package)
-	- icedove <unfixed>
+	- icedove 3.1.11-1
 CVE-2011-2370
 	RESERVED
 	- xulrunner <removed>
@@ -408,7 +406,7 @@
 	[lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner from the xulrunner source pkg)
 	- iceape <unfixed>
 	[lenny] - iceape <not-affected> (Only a stub package)
-	- icedove <unfixed>
+	- icedove 3.1.11-1
 CVE-2011-2364
 	RESERVED
 	- xulrunner <removed>
@@ -416,7 +414,7 @@
 	[lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner from the xulrunner source pkg)
 	- iceape <unfixed>
 	[lenny] - iceape <not-affected> (Only a stub package)
-	- icedove <unfixed>
+	- icedove 3.1.11-1
 CVE-2011-2363
 	RESERVED
 CVE-2011-2362

More information about the Secure-testing-commits mailing list