[Secure-testing-commits] r16386 - data/CVE
Moritz Muehlenhoff
jmm at alioth.debian.org
Wed Mar 16 07:27:46 UTC 2011
Author: jmm
Date: 2011-03-16 07:27:34 +0000 (Wed, 16 Mar 2011)
New Revision: 16386
Modified:
data/CVE/list
Log:
libvirt fixed
krb5 no-dsa as discussed with maintainer
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2011-03-15 21:14:56 UTC (rev 16385)
+++ data/CVE/list 2011-03-16 07:27:34 UTC (rev 16386)
@@ -605,7 +605,7 @@
TODO: check vuln versions
CVE-2011-1146 [libvirt: several API calls do not honour read-only connection]
RESERVED
- - libvirt <unfixed> (low; bug #617773)
+ - libvirt 0.8.8-3 (low; bug #617773)
[lenny] - libvirt <not-affected> (Vulnerable code not present)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=683650
CVE-2011-1145 [buffer overflow in unixODBC's SQLDriverConnect()]
@@ -3017,7 +3017,9 @@
RESERVED
CVE-2011-0284 [krb5 kdc double-free]
RESERVED
- - krb5 <unfixed> (bug #618517)
+ - krb5 <unfixed> (low; bug #618517)
+ [squeeze] - krb5 <no-dsa> (Will be fixed through a point update)
+ [lenny] - krb5 <no-dsa> (Will be fixed through a point update)
CVE-2011-0283 (The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.9 ...)
- krb5 <not-affected> (Only affects 1.9.x)
[squeeze] - krb5 <no-dsa> (minor issue)
More information about the Secure-testing-commits
mailing list