[Secure-testing-commits] r16459 - data/CVE

Joey Hess joeyh at alioth.debian.org
Wed Mar 30 21:16:13 UTC 2011


Author: joeyh
Date: 2011-03-30 21:16:10 +0000 (Wed, 30 Mar 2011)
New Revision: 16459

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2011-03-30 20:04:21 UTC (rev 16458)
+++ data/CVE/list	2011-03-30 21:16:10 UTC (rev 16459)
@@ -1,3 +1,49 @@
+CVE-2011-1547
+	RESERVED
+CVE-2011-1546
+	RESERVED
+CVE-2011-1545
+	RESERVED
+CVE-2011-1544
+	RESERVED
+CVE-2011-1543
+	RESERVED
+CVE-2011-1542
+	RESERVED
+CVE-2011-1541
+	RESERVED
+CVE-2011-1540
+	RESERVED
+CVE-2011-1539
+	RESERVED
+CVE-2011-1538
+	RESERVED
+CVE-2011-1537
+	RESERVED
+CVE-2011-1536
+	RESERVED
+CVE-2011-1535
+	RESERVED
+CVE-2011-1534
+	RESERVED
+CVE-2011-1533
+	RESERVED
+CVE-2011-1532
+	RESERVED
+CVE-2011-1531
+	RESERVED
+CVE-2011-1530
+	RESERVED
+CVE-2011-1529
+	RESERVED
+CVE-2011-1528
+	RESERVED
+CVE-2011-1527
+	RESERVED
+CVE-2011-1526
+	RESERVED
+CVE-2011-1525
+	RESERVED
 CVE-2011-1524 (Cross-site scripting (XSS) vulnerability in the management login GUI ...)
 	NOT-FOR-US: Symantec LiveUpdate Administrator 
 CVE-2011-1523
@@ -144,8 +190,8 @@
 	RESERVED
 CVE-2011-1473
 	RESERVED
-CVE-2011-1472
-	RESERVED
+CVE-2011-1472 (The Nokia E75 phone with firmware before 211.12.01 allows physically ...)
+	TODO: check
 CVE-2009-5062 (IBM Lotus Quickr 8.1 before 8.1.0.15 services for Lotus Domino on AIX ...)
 	NOT-FOR-US: IBM Lotus Quickr
 CVE-2009-5061 (Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.14 ...)
@@ -776,8 +822,8 @@
 	RESERVED
 CVE-2011-1206
 	RESERVED
-CVE-2011-1205
-	RESERVED
+CVE-2011-1205 (Multiple buffer overflows in unspecified COM objects in Rational ...)
+	TODO: check
 CVE-2011-1204 (Google Chrome before 10.0.648.127 does not properly handle attributes, ...)
 	- chromium-browser 10.0.648.127~r76697-1
 	[squeeze] - chromium-browser <no-dsa> (hard merge)
@@ -912,8 +958,7 @@
 	RESERVED
 CVE-2011-1177
 	RESERVED
-CVE-2011-1176 [apache2-mpm-itk config misparsing]
-	RESERVED
+CVE-2011-1176 (The configuration merger in itk.c in the Steinar H. Gunderson mpm-itk ...)
 	{DSA-2202-1}
 	- apache2 2.2.17-2 (bug #618857; medium)
 	[lenny] - apache2 <not-affected> (different source package in lenny: apache2-mpm-itk)
@@ -1834,8 +1879,8 @@
 	RESERVED
 CVE-2011-0893
 	RESERVED
-CVE-2011-0892
-	RESERVED
+CVE-2011-0892 (Cross-site scripting (XSS) vulnerability in HP Diagnostics 7.5x and ...)
+	TODO: check
 CVE-2011-0891
 	RESERVED
 CVE-2011-0890 (HP Discovery &amp; Dependency Mapping Inventory (DDMI) 7.50, 7.51, 7.60, ...)
@@ -2262,8 +2307,7 @@
 	RESERVED
 CVE-2011-0729
 	RESERVED
-CVE-2011-0728
-	RESERVED
+CVE-2011-0728 (Cross-site scripting (XSS) vulnerability in templatefunctions.py in ...)
 	- loggerhead 1.18.1-1
 CVE-2011-0727
 	RESERVED
@@ -2294,7 +2338,7 @@
 	NOT-FOR-US: Joomla JRadio addon
 CVE-2010-4718 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
 	NOT-FOR-US: Joomla Lyftenbloggie addon
-CVE-2011-0720 (Unspecified vulnerability in Plone 2.5 through 4.0 allows remote ...)
+CVE-2011-0720 (Unspecified vulnerability in Plone 2.5 through 4.0, as used in Conga, ...)
 	- plone3 <removed>
 	TODO: check
 CVE-2011-0719 (Samba 3.x before 3.3.15, 3.4.x before 3.4.12, and 3.5.x before 3.5.7 ...)
@@ -3050,8 +3094,7 @@
 	NOT-FOR-US: tinyBB
 CVE-2011-0442 (The service utility in EMC Avamar 5.x before 5.0.4 uses cleartext to ...)
 	NOT-FOR-US: EMC Avamar
-CVE-2011-0441 [arbitrary files removal via cronjob]
-	RESERVED
+CVE-2011-0441 (The Debian GNU/Linux /etc/cron.d/php5 cron job for PHP 5.3.5 allows ...)
 	{DSA-2195-1}
 	- php5 5.3.6-1 (bug #618489)
 	NOTE: Debian-specific
@@ -3130,6 +3173,7 @@
 CVE-2011-0415
 	RESERVED
 CVE-2011-0414 (ISC BIND 9.7.1 through 9.7.2-P3, when configured as an authoritative ...)
+	{DSA-2208-1}
 	- bind9 1:9.7.3.dfsg-1 
 	[lenny] - bind9 <not-affected> (Introduced in 9.7.1)
 CVE-2011-0413 (The DHCPv6 server in ISC DHCP 4.0.x and 4.1.x before 4.1.2-P1, 4.0-ESV ...)
@@ -8043,10 +8087,10 @@
 	NOT-FOR-US: VMware Workstation
 CVE-2010-3276 (libdirectx_plugin.dll in VideoLAN VLC Media Player before 1.1.8 allows ...)
 	- vlc 1.1.8-1
-        NOTE: fe44129dc6509b3347113ab0e1a0524af1e0dd11 in 1.1 branch
+	NOTE: fe44129dc6509b3347113ab0e1a0524af1e0dd11 in 1.1 branch
 CVE-2010-3275 (libdirectx_plugin.dll in VideoLAN VLC Media Player before 1.1.8 allows ...)
 	- vlc 1.1.8-1
-        NOTE: fe44129dc6509b3347113ab0e1a0524af1e0dd11 in 1.1 branch
+	NOTE: fe44129dc6509b3347113ab0e1a0524af1e0dd11 in 1.1 branch
 CVE-2010-3274 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
 	NOT-FOR-US: ZOHO ManageEngine
 CVE-2010-3273 (ZOHO ManageEngine ADSelfService Plus before 4.5 Build 4500 allows ...)
@@ -10921,6 +10965,7 @@
 	{DSA-2115-1}
 	- moodle 1.9.9-1 (bug #586280)
 CVE-2010-2227 (Apache Tomcat 5.5.0 through 5.5.29, 6.0.0 through 6.0.27, and 7.0.0 ...)
+	{DSA-2207-1}
 	- tomcat5.5 <removed>
 	- tomcat6 6.0.28-1 (bug #588813)
 	[lenny] - tomcat6 <not-affected> (Only ships the servlet package)
@@ -12445,12 +12490,10 @@
 CVE-2010-1676 (Heap-based buffer overflow in Tor before 0.2.1.28 and 0.2.2.x before ...)
 	{DSA-2136-1}
 	- tor 0.2.1.26-6
-CVE-2010-1675
-	RESERVED
+CVE-2010-1675 (bgpd in Quagga before 0.99.18 allows remote attackers to cause a ...)
 	{DSA-2197-1}
 	- quagga 0.99.18-1
-CVE-2010-1674
-	RESERVED
+CVE-2010-1674 (The extended-community parser in bgpd in Quagga before 0.99.18 allows ...)
 	{DSA-2197-1}
 	- quagga 0.99.18-1
 CVE-2010-1673 [ikiwiki xss due to insufficient html scrubbing]
@@ -14130,6 +14173,7 @@
 CVE-2010-1158 (Integer overflow in the regular expression engine in Perl 5.8.x allows ...)
 	- perl <not-affected> (re engine rewritten for 5.10 to address issues such as this; and proof-of-concept not effective)
 CVE-2010-1157 (Apache Tomcat 5.5.0 through 5.5.29 and 6.0.0 through 6.0.26 might ...)
+	{DSA-2207-1}
 	- tomcat6 6.0.26-5 (bug #587447; unimportant)
 	- tomcat5.5 <removed> (unimportant)
 	NOTE: Negligable information disclosure
@@ -22878,6 +22922,7 @@
 	- linux-2.6 2.6.31-1 (low)
 	- linux-2.6.24 <removed> (low)
 CVE-2009-2902 (Directory traversal vulnerability in Apache Tomcat 5.5.0 through ...)
+	{DSA-2207-1}
 	- tomcat6 6.0.24-1 (low)
 	[lenny] - tomcat6 <not-affected> (Only ships the servlet package)
 	- tomcat5.5 <removed>
@@ -23713,6 +23758,7 @@
 	[lenny] - gaim <not-affected> (Only a transitional package)
 	- gaim <removed>
 CVE-2009-2693 (Directory traversal vulnerability in Apache Tomcat 5.5.0 through ...)
+	{DSA-2207-1}
 	- tomcat6 6.0.24-1 (low)
 	[lenny] - tomcat6 <not-affected> (The package only ships the servlet packages)
 	- tomcat5.5 <removed>
@@ -29962,6 +30008,7 @@
 	- systemtap 0.0.20090314-2
 	[etch] - systemtap <not-affected> (vulnerable code not present)
 CVE-2009-0783 (Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 ...)
+	{DSA-2207-1}
 	- tomcat5.5 <unfixed> (low; bug #532366)
 	- tomcat6 6.0.20-1 (low; bug #532362)
 	[lenny] - tomcat6 <not-affected> (Only ships the servlet package)
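Review bot: CVE-2009-0783 now carries `{DSA-2207-1}` but its unstable line still reads `- tomcat5.5 <unfixed> (low; bug #532366)`. The other Tomcat entries tagged in this commit (CVE-2010-2227, CVE-2010-1157, CVE-2009-2902, CVE-2009-2693) record `- tomcat5.5 <removed>`. If the package is gone from unstable, as those entries suggest, this line should read `- tomcat5.5 <removed> (low; bug #532366)` so the entry is not reported as open against a package that no longer exists. The same mismatch appears under CVE-2009-0781 and CVE-2008-5515 in the later hunks.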
@@ -29969,6 +30016,7 @@
 CVE-2009-0782
 	REJECTED
 CVE-2009-0781 (Cross-site scripting (XSS) vulnerability in jsp/cal/cal2.jsp in the ...)
+	{DSA-2207-1}
 	- tomcat5.5 <unfixed> (unimportant; bug #532366)
 	- tomcat6 6.0.20-1 (unimportant; bug #532362)
 	- tomcat5 <removed> (unimportant; bug #532363)
@@ -31058,6 +31106,7 @@
 	- lcms 1.18.dfsg-1 (bug #522446)
 	- openjdk-6 <undetermined>
 CVE-2009-0580 (Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 ...)
+	{DSA-2207-1}
 	- tomcat6 6.0.20-1 (low; bug #532362)
 	[lenny] - tomcat6 <not-affected> (Only ships the servlet package)
 	- tomcat5 <removed> (low; bug #532363)
@@ -33658,6 +33707,7 @@
 	- sudo 1.6.9p17-2 (medium)
 	[etch] - sudo <not-affected> (Vulnerable code not present)
 CVE-2009-0033 (Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 ...)
+	{DSA-2207-1}
 	- tomcat6 6.0.28-1
 	[lenny] - tomcat6 <not-affected> (Only ships the servlet package)
 	- tomcat5 <removed> (medium; bug #532363)
@@ -33899,6 +33949,7 @@
 	{DSA-1708-1}
 	- git-core 1:1.5.6-1
 CVE-2008-5515 (Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 ...)
+	{DSA-2207-1}
 	- tomcat5 <removed> (bug #532363)
 	- tomcat5.5 <unfixed> (bug #532366)
 	- tomcat6 6.0.20-1 (bug #532362)



