[Secure-testing-commits] r16867 - data/CVE
Moritz Muehlenhoff
jmm at alioth.debian.org
Thu Jun 30 16:32:36 UTC 2011
Author: jmm
Date: 2011-06-30 16:32:36 +0000 (Thu, 30 Jun 2011)
New Revision: 16867
Modified:
data/CVE/list
Log:
glibc fixed
new kernel issues
new movabletype issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2011-06-29 21:20:50 UTC (rev 16866)
+++ data/CVE/list 2011-06-30 16:32:36 UTC (rev 16867)
@@ -1,3 +1,5 @@
+CVE-2011-XXXX [unspecified security vulnerabilities from 4.3.7]
+ - movabletype-opensource 4.3.7+dfsg-1 (bug #631437)
CVE-2011-2536 [AST-2011-011]
- asterisk <unfixed> (bug #632029)
CVE-2011-XXXX [pyro: pidfile in /tmp, opened insecurely]
@@ -105,10 +107,13 @@
- linux-2.6 <unfixed> (low)
CVE-2011-2493
RESERVED
+ - linux-2.6 2.6.39-1 (low)
CVE-2011-2492
RESERVED
+ - linux-2.6 <unfixed> (low)
CVE-2011-2491
RESERVED
+ - linux-2.6 <unfixed>
CVE-2011-2490 [opie: missing setuid() retval check in opielogin]
RESERVED
- opie <unfixed> (bug #631345)
@@ -128,7 +133,7 @@
RESERVED
- gdk-pixbuf 2.23.3-3.1 (bug #631524)
CVE-2011-2484 (The add_del_listener function in kernel/taskstats.c in the Linux ...)
- TODO: check
+ - linux-2.6 <unfixed> (low)
CVE-2011-2483 [openwall blowfish implementation weakness]
RESERVED
- libcrypt-eksblowfish-perl <not-affected> (discovered and corrected in initial release in 2007)
@@ -2281,7 +2286,7 @@
CVE-2011-1660 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
NOT-FOR-US: GrapeCity Data Dynamics Reports
CVE-2011-1659 (Integer overflow in posix/fnmatch.c in the GNU C Library (aka glibc or ...)
- - eglibc <unfixed>
+ - eglibc 2.13-8
- glibc <removed>
NOTE: http://sourceware.org/git/?p=glibc.git;a=commitdiff;h=8126d90480fa
CVE-2011-1658 (ld.so in the GNU C Library (aka glibc or libc6) 2.13 and earlier ...)
More information about the Secure-testing-commits
mailing list