[Secure-testing-commits] r16701 - data/CVE

[Moritz Muehlenhoff]

Author: jmm
Date: 2011-05-24 18:01:44 +0000 (Tue, 24 May 2011)
New Revision: 16701

Modified:
   data/CVE/list
Log:
new klibc issue (no-dsa)
new dovecot issue


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2011-05-24 14:02:24 UTC (rev 16700)
+++ data/CVE/list	2011-05-24 18:01:44 UTC (rev 16701)
@@ -520,8 +520,13 @@
 	- ffmpeg-debian <removed>
 CVE-2011-1930
 	RESERVED
+       - klibc 1.5.22-1 (low)
+       [squeeze] - klibc <no-dsa> (Minor issue)
+       [lenny] - klibc <no-dsa> (Minor issue)
 CVE-2011-1929
 	RESERVED
+       - dovecot 1:2.0.13-1 (bug #627443)
+       [lenny] - dovecot <not-affected> (Vulnerability introduced in 1.1)
 CVE-2011-1928
 	RESERVED
 	{DSA-2237-2}
@@ -2856,8 +2861,8 @@
 CVE-2011-1089 (The addmntent function in the GNU C Library (aka glibc or libc6) 2.13 ...)
 	- glibc <removed>
 	- eglibc <unfixed>
-	TODO: This issue will be assigned to glibc, probably. Not confirmed yet.
 	NOTE: http://seclists.org/oss-sec/2011/q1/368
+	NOTE: http://sourceware.org/git/?p=glibc.git;a=commitdiff;h=e1fb097f447a89aa69a926e45e673a52d86a6c57
 CVE-2011-1088 (Apache Tomcat 7.x before 7.0.10 does not follow ServletSecurity ...)
 	- tomcat6 <not-affected> (Only affects Tomcat 7)
 CVE-2011-1087 (Buffer overflow in VideoLAN VLC media player 1.0.5 allows ...)