[Secure-testing-commits] r17566 - in data: . CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Mon Nov 7 19:33:31 UTC 2011 

Author: jmm
Date: 2011-11-07 19:33:30 +0000 (Mon, 07 Nov 2011)
New Revision: 17566

Modified:
   data/CVE/list
   data/ospu-candidates.txt
   data/spu-candidates.txt
Log:
- fix up old icedove data: three icedove issues resolved
- keepalived bugnum/no-dsa



Modified: data/CVE/list
===================================================================
--- data/CVE/list	2011-11-07 19:19:02 UTC (rev 17565)
+++ data/CVE/list	2011-11-07 19:33:30 UTC (rev 17566)
@@ -3757,7 +3757,7 @@
 	- iceape 2.0.14-5
 	[lenny] - iceape <not-affected> (Only a stub package)
 CVE-2011-2980 (Untrusted search path vulnerability in the ThinkPadSensor::Startup ...)
-	- icedove 3.1.12-1
+	- icedove <not-affected> (Only affects Windows)
 	- xulrunner <not-affected> (Only affects Windows)
 	- iceweasel <not-affected> (Only affects Windows)
 CVE-2011-2979 (Bugzilla 4.1.x before 4.1.3 generates different responses for certain ...)
@@ -5446,7 +5446,7 @@
 	- xulrunner <not-affected> (Was already fixed as CVE-2010-1201 for Firefox < 3.6)
 	- iceweasel <not-affected> (Was already fixed as CVE-2010-1201 for Firefox < 3.6)
 	- iceape <not-affected> (Was already fixed as CVE-2010-1201 for Firefox < 3.6)
-	- icedove 3.1.11-1
+	- icedove <not-affected> (Was already fixed as CVE-2010-1201 for Firefox < 3.6)
 CVE-2011-2376 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
 	{DSA-2273-3 DSA-2269-1 DSA-2268-1}
 	- xulrunner <removed>
@@ -5527,7 +5527,7 @@
 	- xulrunner <not-affected> (Only affects Firefox >= 3.6)
 	- iceweasel <not-affected> (Only affects Firefox >= 3.6)
 	- iceape <not-affected> (Only affects Firefox >= 3.6)
-	- icedove 3.1.11-1
+	- icedove <not-affected> (Only affects Firefox >= 3.6)
 CVE-2011-2363 (Use-after-free vulnerability in the nsSVGPointList::AppendElement ...)
 	{DSA-2273-3 DSA-2269-1 DSA-2268-1}
 	- iceweasel 3.5.19-3
@@ -7143,7 +7143,9 @@
 CVE-2011-1785 (VMware ESXi 4.0 and 4.1 and ESX 4.0 and 4.1 allow remote attackers to ...)
 	NOT-FOR-US: VMware
 CVE-2011-1784 (The pidfile_write function in core/pidfile.c in keepalived 1.2.2 and ...)
-	- keepalived <unfixed>
+	- keepalived <unfixed> (low; bug #626281)
+	[lenny] - keepalived <no-dsa> (Minor issue)
+	[squeeze] - keepalived <no-dsa> (Minor issue)
 CVE-2011-1783 (The mod_dav_svn module for the Apache HTTP Server, as distributed in ...)
 	{DSA-2251-1}
 	- subversion 1.6.17dfsg-1

Modified: data/ospu-candidates.txt
===================================================================
--- data/ospu-candidates.txt	2011-11-07 19:19:02 UTC (rev 17565)
+++ data/ospu-candidates.txt	2011-11-07 19:33:30 UTC (rev 17566)
@@ -320,6 +320,11 @@
 
 --
 
+keepalived (CVE-2011-1784)
+#626281
+
+--
+
 kfreebsd-6
 [freebsd Missing permission check on SIOCSIFINFO_IN6 ioctl]
 http://security.freebsd.org/advisories/FreeBSD-SA-09:10.ipv6.asc

Modified: data/spu-candidates.txt
===================================================================
--- data/spu-candidates.txt	2011-11-07 19:19:02 UTC (rev 17565)
+++ data/spu-candidates.txt	2011-11-07 19:33:30 UTC (rev 17566)
@@ -63,6 +63,11 @@
 
 --
 
+keepalived (CVE-2011-1784)
+#626281
+
+--
+
 mutt (CVE-2011-1429)
 #619216

More information about the Secure-testing-commits mailing list