[Secure-testing-commits] r16863 - in data: . CVE
Jonathan Wiltshire
jmw at alioth.debian.org
Wed Jun 29 20:01:48 UTC 2011
Author: jmw
Date: 2011-06-29 20:01:48 +0000 (Wed, 29 Jun 2011)
New Revision: 16863
Modified:
data/CVE/list
data/next-point-update.txt
Log:
Merge release 6.0.2 fixes
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2011-06-29 19:59:25 UTC (rev 16862)
+++ data/CVE/list 2011-06-29 20:01:48 UTC (rev 16863)
@@ -1494,7 +1494,7 @@
CVE-2011-1932 [directory traversal when receiving world data through a multiplayer game]
RESERVED
- widelands 1:15-3 (low; bug #617960)
- [squeeze] - widelands <no-dsa> (Minor issue)
+ [squeeze] - widelands 1:15-3squeeze1
[lenny] - widelands <no-dsa> (Minor issue)
CVE-2011-1931 [ffmpeg AMV out of array write]
RESERVED
@@ -2456,6 +2456,7 @@
- mediawiki <not-affected> (Incomplete fix never used in Debian)
CVE-2011-1586 (Directory traversal vulnerability in the ...)
- kdenetwork <unfixed>
+ [squeeze] - kdenetwork 4:4.4.5-2+squeeze1
[lenny] - kdenetwork <not-affected> (Metalink plugin not yet present)
CVE-2011-1585
RESERVED
@@ -3712,7 +3713,7 @@
[squeeze] - linux-2.6 <not-affected> (Introduced in 2.6.35)
CVE-2011-1168 (Cross-site scripting (XSS) vulnerability in the KHTMLPart::htmlError ...)
- kde4libs 4:4.4.5-4 (low)
- [squeeze] - kde4libs <no-dsa> (Minor issue)
+ [squeeze] - kde4libs 4:4.4.5-2+squeeze2
[lenny] - kde4libs <no-dsa> (Minor issue)
CVE-2011-1167 (Heap-based buffer overflow in the thunder (aka ThunderScan) decoder in ...)
{DSA-2210-1}
@@ -3991,7 +3992,7 @@
NOTE: http://bugs.gentoo.org/show_bug.cgi?id=330923
CVE-2011-1094 (kio/kio/tcpslavebase.cpp in KDE KSSL in kdelibs before 4.6.1 does not ...)
- kde4libs 4:4.4.5-4 (low)
- [squeeze] - kde4libs <no-dsa> (Minor issue)
+ [squeeze] - kde4libs 4:4.4.5-2+squeeze2
[lenny] - kde4libs <no-dsa> (Minor issue)
- kdelibs <undetermined>
NOTE: http://seclists.org/oss-sec/2011/q1/434
@@ -4038,7 +4039,7 @@
CVE-2011-1081 (modrdn.c in slapd in OpenLDAP 2.4.x before 2.4.24 allows remote ...)
- openldap 2.4.25-1 (low; bug #617606)
[lenny] - openldap <no-dsa> (Minor issue)
- [squeeze] - openldap <no-dsa> (Minor issue)
+ [squeeze] - openldap 2.4.23-7.1
CVE-2011-1080
RESERVED
{DSA-2264-1 DSA-2240-1}
@@ -4206,11 +4207,12 @@
NOT-FOR-US: Apache Archiva
CVE-2011-1025 (bind.cpp in back-ndb in OpenLDAP 2.4.x before 2.4.24 does not require ...)
- openldap 2.4.25-1 (unimportant; bug #617606)
+ [squeeze] - openldap 2.4.23-7.1
NOTE: NBD backend disabled in Debian builds
CVE-2011-1024 (chain.c in back-ldap in OpenLDAP 2.4.x before 2.4.24, when a ...)
- openldap 2.4.25-1 (low; bug #617606)
[lenny] - openldap <no-dsa> (Minor issue)
- [squeeze] - openldap <no-dsa> (Minor issue)
+ [squeeze] - openldap 2.4.23-7.1
CVE-2011-1023
RESERVED
- linux-2.6 2.6.38-1
@@ -4655,59 +4657,60 @@
RESERVED
CVE-2011-0873 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
[lenny] - sun-java6 <no-dsa> (non-free not supported)
- [squeeze] - sun-java6 <no-dsa> (non-free not supported)
+ [squeeze] - sun-java6 6.26-0squeeze1
- sun-java6 6.26-1 (bug #629852)
- openjdk-6 <undetermined> (bug #629852)
CVE-2011-0872 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
[lenny] - sun-java6 <no-dsa> (non-free not supported)
- [squeeze] - sun-java6 <no-dsa> (non-free not supported)
+ [squeeze] - sun-java6 6.26-0squeeze1
- sun-java6 6.26-1 (bug #629852)
- openjdk-6 <undetermined> (bug #629852)
CVE-2011-0871 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
[lenny] - sun-java6 <no-dsa> (non-free not supported)
- [squeeze] - sun-java6 <no-dsa> (non-free not supported)
+ [squeeze] - sun-java6 6.26-0squeeze1
- sun-java6 6.26-1 (bug #629852)
- openjdk-6 <undetermined> (bug #629852)
CVE-2011-0870
RESERVED
CVE-2011-0869 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
[lenny] - sun-java6 <no-dsa> (non-free not supported)
- [squeeze] - sun-java6 <no-dsa> (non-free not supported)
+ [squeeze] - sun-java6 6.26-0squeeze1
- sun-java6 6.26-1 (bug #629852)
- openjdk-6 <undetermined> (bug #629852)
CVE-2011-0868 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
[lenny] - sun-java6 <no-dsa> (non-free not supported)
- [squeeze] - sun-java6 <no-dsa> (non-free not supported)
+ [squeeze] - sun-java6 6.26-0squeeze1
- sun-java6 6.26-1 (bug #629852)
- openjdk-6 <undetermined> (bug #629852)
CVE-2011-0867 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
[lenny] - sun-java6 <no-dsa> (non-free not supported)
- [squeeze] - sun-java6 <no-dsa> (non-free not supported)
+ [squeeze] - sun-java6 6.26-0squeeze1
- sun-java6 6.26-1 (bug #629852)
- openjdk-6 <undetermined> (bug #629852)
CVE-2011-0866 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
[lenny] - sun-java6 <no-dsa> (non-free not supported)
- [squeeze] - sun-java6 <no-dsa> (non-free not supported)
+ [squeeze] - sun-java6 6.26-0squeeze1
- sun-java6 6.26-1 (bug #629852)
- openjdk-6 <undetermined> (bug #629852)
CVE-2011-0865 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
[lenny] - sun-java6 <no-dsa> (non-free not supported)
- [squeeze] - sun-java6 <no-dsa> (non-free not supported)
+ [squeeze] - sun-java6 6.26-0squeeze1
- sun-java6 6.26-1 (bug #629852)
+ - sun-java6 6.26-1 (bug #629852)
- openjdk-6 <undetermined> (bug #629852)
CVE-2011-0864 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
[lenny] - sun-java6 <no-dsa> (non-free not supported)
- [squeeze] - sun-java6 <no-dsa> (non-free not supported)
+ [squeeze] - sun-java6 6.26-0squeeze1
- sun-java6 6.26-1 (bug #629852)
- openjdk-6 <undetermined> (bug #629852)
CVE-2011-0863 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
[lenny] - sun-java6 <no-dsa> (non-free not supported)
- [squeeze] - sun-java6 <no-dsa> (non-free not supported)
+ [squeeze] - sun-java6 6.26-0squeeze1
- sun-java6 6.26-1 (bug #629852)
- openjdk-6 <undetermined> (bug #629852)
CVE-2011-0862 (Multiple unspecified vulnerabilities in the Java Runtime Environment ...)
[lenny] - sun-java6 <no-dsa> (non-free not supported)
- [squeeze] - sun-java6 <no-dsa> (non-free not supported)
+ [squeeze] - sun-java6 6.26-0squeeze1
- sun-java6 6.26-1 (bug #629852)
- openjdk-6 <undetermined> (bug #629852)
CVE-2011-0861 (Unspecified vulnerability in Oracle PeopleSoft Enterprise HRMS 9.0 ...)
@@ -4800,19 +4803,19 @@
NOT-FOR-US: Oracle JD Edwards EnterpriseOne
CVE-2011-0817 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
[lenny] - sun-java6 <no-dsa> (non-free not supported)
- [squeeze] - sun-java6 <no-dsa> (non-free not supported)
+ [squeeze] - sun-java6 6.26-0squeeze1
- sun-java6 6.26-1 (bug #629852)
- openjdk-6 <undetermined> (bug #629852)
CVE-2011-0816
RESERVED
CVE-2011-0815 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
[lenny] - sun-java6 <no-dsa> (non-free not supported)
- [squeeze] - sun-java6 <no-dsa> (non-free not supported)
+ [squeeze] - sun-java6 6.26-0squeeze1
- sun-java6 6.26-1 (bug #629852)
- openjdk-6 <undetermined> (bug #629852)
CVE-2011-0814 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
[lenny] - sun-java6 <no-dsa> (non-free not supported)
- [squeeze] - sun-java6 <no-dsa> (non-free not supported)
+ [squeeze] - sun-java6 6.26-0squeeze1
- sun-java6 6.26-1 (bug #629852)
- openjdk-6 <undetermined>
CVE-2011-0813 (Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express ...)
@@ -4839,7 +4842,7 @@
NOT-FOR-US: Oracle JD Edwards Products
CVE-2011-0802 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
[lenny] - sun-java6 <no-dsa> (non-free not supported)
- [squeeze] - sun-java6 <no-dsa> (non-free not supported)
+ [squeeze] - sun-java6 6.26-0squeeze1
- sun-java6 6.26-1 (bug #629852)
- openjdk-6 <undetermined> (bug #629852)
CVE-2011-0801 (Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows ...)
@@ -4870,14 +4873,14 @@
NOT-FOR-US: Oracle Fusion Middleware
CVE-2011-0788 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
[lenny] - sun-java6 <no-dsa> (non-free not supported)
- [squeeze] - sun-java6 <no-dsa> (non-free not supported)
+ [squeeze] - sun-java6 6.26-0squeeze1
- sun-java6 6.26-1 (bug #629852)
- openjdk-6 <undetermined> (bug #629852)
CVE-2011-0787 (Unspecified vulnerability in the Application Service Level Management ...)
NOT-FOR-US: Oracle
CVE-2011-0786 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
[lenny] - sun-java6 <no-dsa> (non-free not supported)
- [squeeze] - sun-java6 <no-dsa> (non-free not supported)
+ [squeeze] - sun-java6 6.26-0squeeze1
- sun-java6 6.26-1 (bug #629852)
- openjdk-6 <undetermined> (bug #629852)
CVE-2011-0785 (Unspecified vulnerability in the Oracle Help component in Oracle ...)
@@ -11326,9 +11329,9 @@
- nss 3.12.8-1
- kde4libs 4:4.4.5-4 (low)
- qt4-x11 4:4.7.2-4 (low)
- [squeeze] - qt4-x11 <no-dsa> (Minor issue)
+ [squeeze] - qt4-x11 4:4.6.3-4+squeeze1
[lenny] - qt4-x11 <not-affected> (Vulnerable code not present)
- [squeeze] - kde4libs <no-dsa> (Minor issue)
+ [squeeze] - kde4libs 4:4.4.5-2+squeeze2
[lenny] - kde4libs <no-dsa> (Minor issue)
CVE-2010-3169 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
{DSA-2106-1}
@@ -13957,7 +13960,7 @@
CVE-2010-2200
RESERVED
- dbus 1.4.12-1 (low; bug #629938)
- [squeeze] - dbus <no-dsa> (Minor issue, will be fixed in point update)
+ [squeeze] - dbus 1.2.24-4+squeeze1
[lenny] - dbus <no-dsa> (Minor issue)
CVE-2010-2199 (lib/fsm.c in RPM 4.8.0 and earlier does not properly reset the ...)
- rpm <unfixed> (bug #584257; unimportant)
Modified: data/next-point-update.txt
===================================================================
--- data/next-point-update.txt 2011-06-29 19:59:25 UTC (rev 16862)
+++ data/next-point-update.txt 2011-06-29 20:01:48 UTC (rev 16863)
@@ -1,61 +1,4 @@
CVE-2011-XXXX
[lenny] - tesseract 2.03-2+lenny1 (bug #612032)
-CVE-2011-1094
- [squeeze] - kde4libs 4:4.4.5-2+squeeze2
-CVE-2011-1932
- [squeeze] - widelands 1:15-3squeeze1
-CVE-2011-1168
- [squeeze] - kde4libs 4:4.4.5-2+squeeze2
-CVE-2010-3170
- [squeeze] - kde4libs 4:4.4.5-2+squeeze2
- [squeeze] - qt4-x11 4:4.6.3-4+squeeze1
-CVE-2011-1586
- [squeeze] - kdenetwork 4:4.4.5-2+squeeze1
CVE-2011-1930
[squeeze] - klibc 1.5.20-2
-CVE-2011-1024
- [squeeze] - openldap 2.4.23-7.1
-CVE-2011-1025
- [squeeze] - openldap 2.4.23-7.1
-CVE-2011-1081
- [squeeze] - openldap 2.4.23-7.1
-CVE-2011-0862
- [squeeze] - sun-java6 6.26-0squeeze1
-CVE-2011-0873
- [squeeze] - sun-java6 6.26-0squeeze1
-CVE-2011-0815
- [squeeze] - sun-java6 6.26-0squeeze1
-CVE-2011-0817
- [squeeze] - sun-java6 6.26-0squeeze1
-CVE-2011-0863
- [squeeze] - sun-java6 6.26-0squeeze1
-CVE-2011-0864
- [squeeze] - sun-java6 6.26-0squeeze1
-CVE-2011-0802
- [squeeze] - sun-java6 6.26-0squeeze1
-CVE-2011-0814
- [squeeze] - sun-java6 6.26-0squeeze1
-CVE-2011-0871
- [squeeze] - sun-java6 6.26-0squeeze1
-CVE-2011-0786
- [squeeze] - sun-java6 6.26-0squeeze1
-CVE-2011-0788
- [squeeze] - sun-java6 6.26-0squeeze1
-CVE-2011-0866
- [squeeze] - sun-java6 6.26-0squeeze1
-CVE-2011-0868
- [squeeze] - sun-java6 6.26-0squeeze1
-CVE-2011-0872
- [squeeze] - sun-java6 6.26-0squeeze1
-CVE-2011-0867
- [squeeze] - sun-java6 6.26-0squeeze1
-CVE-2011-0869
- [squeeze] - sun-java6 6.26-0squeeze1
-CVE-2011-0865
- [squeeze] - sun-java6 6.26-0squeeze1
-CVE-2010-2200
- [squeeze] - dbus 1.2.24-4+squeeze1
-
-
-
-
More information about the Secure-testing-commits
mailing list