[Secure-testing-commits] r17626 - data/CVE

Joey Hess joeyh at alioth.debian.org
Wed Nov 16 21:14:23 UTC 2011 

Author: joeyh
Date: 2011-11-16 21:14:23 +0000 (Wed, 16 Nov 2011)
New Revision: 17626

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2011-11-16 21:08:18 UTC (rev 17625)
+++ data/CVE/list	2011-11-16 21:14:23 UTC (rev 17626)
@@ -1,3 +1,21 @@
+CVE-2011-4455
+	RESERVED
+CVE-2011-4454
+	RESERVED
+CVE-2011-4453
+	RESERVED
+CVE-2011-4452
+	RESERVED
+CVE-2011-4451
+	RESERVED
+CVE-2011-4450
+	RESERVED
+CVE-2011-4449
+	RESERVED
+CVE-2011-4448
+	RESERVED
+CVE-2008-7303 (The nonet and nointernet sandbox profiles in Apple Mac OS X 10.5.x do ...)
+	TODO: check
 CVE-2011-4447
 	RESERVED
 CVE-2011-4446
@@ -308,6 +326,7 @@
 	RESERVED
 CVE-2011-4313 [BIND INSIST crash in query.c]
 	RESERVED
+	{DSA-2347-1}
 	- bind9 <unfixed> (high)
 	NOTE: http://www.isc.org/software/bind/advisories/cve-2011-4313
 CVE-2011-4312
@@ -4858,6 +4877,7 @@
 	[squeeze] - mahara <not-affected> (Vulnerable code not present)
 	[lenny] - mahara <not-affected> (Vulnerable code not present)
 CVE-2011-4118 (Mahara before 1.4.1, when MNet (aka the Moodle network feature) is ...)
+	{DSA-2334-1}
 	- mahara 1.4.1-1
 	NOTE: http://mahara.org/interaction/forum/topic.php?id=4138
 CVE-2011-2773 (Cross-site request forgery (CSRF) vulnerability in Mahara before 1.4.1 ...)
@@ -8322,8 +8342,8 @@
 	NOTE: maintainer claims you shouldn't grant access to the SOAP daemon to a user you do not trust.
 CVE-2011-1517
 	RESERVED
-CVE-2011-1516
-	RESERVED
+CVE-2011-1516 (The kSBXProfileNoNetwork and kSBXProfileNoInternet sandbox profiles in ...)
+	TODO: check
 CVE-2011-1515 (The inet service in HP OpenView Storage Data Protector 6.00 through ...)
 	NOT-FOR-US: HP OpenView
 CVE-2011-1514 (The inet service in HP OpenView Storage Data Protector 6.00 through ...)
@@ -47919,7 +47939,7 @@
 	NOT-FOR-US: Notepad++
 CVE-2008-3435 (LinkedIn Browser Toolbar 3.0.3.1100 and earlier does not properly ...)
 	NOT-FOR-US: LinkedIn
-CVE-2008-3434 (Apple iTunes before 6.0.5.20 does not properly verify the authenticity ...)
+CVE-2008-3434 (Apple iTunes before 10.5.1 does not properly verify the authenticity ...)
 	NOT-FOR-US: Apple iTunes
 CVE-2008-3433 (SpeedBit Download Accelerator Plus (DAP) before 8.6.3.9 does not ...)
 	NOT-FOR-US: SpeedBit Download Accelerator Plus

More information about the Secure-testing-commits mailing list