[Secure-testing-commits] r17637 - data/CVE

Joey Hess joeyh at alioth.debian.org
Fri Nov 18 21:14:59 UTC 2011 

Author: joeyh
Date: 2011-11-18 21:14:58 +0000 (Fri, 18 Nov 2011)
New Revision: 17637

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2011-11-18 21:13:45 UTC (rev 17636)
+++ data/CVE/list	2011-11-18 21:14:58 UTC (rev 17637)
@@ -1,3 +1,7 @@
+CVE-2011-4464
+	RESERVED
+CVE-2011-4463
+	RESERVED
 CVE-2011-4462
 	RESERVED
 CVE-2011-4461
@@ -8,8 +12,8 @@
 	RESERVED
 CVE-2011-4458
 	RESERVED
-CVE-2011-4457
-	RESERVED
+CVE-2011-4457 (OWASP HTML Sanitizer (aka owasp-java-html-sanitizer) before 88, when ...)
+	TODO: check
 CVE-2011-4456
 	REJECTED
 CVE-2011-4455
@@ -391,18 +395,21 @@
 	- moodle <not-affected> (Only affects 2.x)
 CVE-2011-4290 [MSA-11-0015]
 	RESERVED
+	{DSA-2262-1}
 	- moodle 1.9.9.dfsg2-3
 CVE-2011-4289 [MSA-11-0014]
 	RESERVED
 	- moodle <not-affected> (Only affects 2.x)
 CVE-2011-4288 [MSA-11-0013]
 	RESERVED
+	{DSA-2262-1}
 	- moodle 1.9.9.dfsg2-3
 CVE-2011-4287 [MSA-11-0012]
 	RESERVED
 	- moodle <not-affected> (Only affects 2.x)
 CVE-2011-4286 [MSA-11-0011]
 	RESERVED
+	{DSA-2262-1}
 	- moodle 1.9.9.dfsg2-3
 CVE-2011-4285 [MSA-11-0010]
 	RESERVED
@@ -412,6 +419,7 @@
 	- moodle <not-affected> (Only affects 2.x)
 CVE-2011-4283 [MSA-11-0008]
 	RESERVED
+	{DSA-2262-1}
 	- moodle 1.9.9.dfsg2-3
 CVE-2011-4282 [MSA-11-0007]
 	RESERVED
@@ -427,6 +435,7 @@
 	- moodle <not-affected> (Only affects 2.x)
 CVE-2011-4278 [MSA-11-0003]
 	RESERVED
+	{DSA-2262-1}
 	- moodle 1.9.9.dfsg2-3
 CVE-2011-4277 (Cross-site scripting (XSS) vulnerability in CourseForum ProjectForum ...)
 	NOT-FOR-US: CourseForum
@@ -939,6 +948,7 @@
 	RESERVED
 CVE-2011-4133 [MSA-11-0002]
 	RESERVED
+	{DSA-2262-1}
 	- moodle 1.9.9.dfsg2-3
 CVE-2011-4132
 	RESERVED
@@ -968,8 +978,7 @@
 	RESERVED
 CVE-2011-4123
 	RESERVED
-CVE-2011-4122
-	RESERVED
+CVE-2011-4122 (kcheckpass, as used in OpenPAM in FreeBSD 8.1 and possibly other ...)
 	NOT-FOR-US: OpenPAM
 CVE-2011-4121
 	RESERVED
@@ -1000,8 +1009,7 @@
 	RESERVED
 CVE-2011-4108
 	RESERVED
-CVE-2011-4107 [phpmyadmin xml local file inclusion]
-	RESERVED
+CVE-2011-4107 (The simplexml_load_string function in the XML import plug-in ...)
 	- phpmyadmin 4:3.4.7.1-1
 	[lenny] - phpmyadmin <not-affected> (Vulerable code not present)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=751112
@@ -1040,8 +1048,8 @@
 	- linux-2.6 3.0.0-6
 	[squeeze] - linux-2.6 <not-affected> (Introduced in 2.6.39)
 	[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.39)
-CVE-2011-4096
-	RESERVED
+CVE-2011-4096 (The idnsGrokReply function in Squid before 3.1.16 does not properly ...)
+	TODO: check
 CVE-2011-4095
 	RESERVED
 CVE-2011-4094
@@ -1110,8 +1118,8 @@
 CVE-2011-4074 (Cross-site scripting (XSS) vulnerability in cmd.php in phpLDAPadmin ...)
 	{DSA-2333-1}
 	- phpldapadmin 1.2.0.5-2.1 (bug #646769)
-CVE-2011-4073
-	RESERVED
+CVE-2011-4073 (Use-after-free vulnerability in the cryptographic helper handler ...)
+	TODO: check
 CVE-2007-6744
 	RESERVED
 CVE-2006-7246
@@ -1730,8 +1738,8 @@
 	RESERVED
 CVE-2011-3901
 	RESERVED
-CVE-2011-3900
-	RESERVED
+CVE-2011-3900 (Google V8, as used in Google Chrome before 15.0.874.121, allows remote ...)
+	TODO: check
 CVE-2011-3899
 	RESERVED
 CVE-2011-3898 (Google Chrome before 15.0.874.120, when Java Runtime Environment (JRE) ...)
@@ -2340,8 +2348,7 @@
 	[lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner from the xulrunner source pkg)
 	- iceape 2.0.14-9
 	[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2011-3646 [PMASA-2011-15]
-	RESERVED
+CVE-2011-3646 (phpmyadmin.css.php in phpMyAdmin 3.4.x before 3.4.6 allows remote ...)
 	- phpmyadmin 4:3.4.6-1 (unimportant)
 CVE-2011-3645 (Newgen OmniDocs allows remote attackers to bypass intended access ...)
 	NOT-FOR-US: Newgen OmniDocs
@@ -2405,8 +2412,7 @@
 	- pam <unfixed> (low)
 	[squeeze] - pam <no-dsa> (Minor issue)
 	[lenny] - pam <no-dsa> (Minor issue)
-CVE-2011-3627
-	RESERVED
+CVE-2011-3627 (The bytecode engine in ClamAV before 0.97.3 allows remote attackers to ...)
 	- clamav 0.97.3+dfsg-1 (low)
 CVE-2011-3626
 	RESERVED
@@ -3085,8 +3091,8 @@
 	NOT-FOR-US: Phorum
 CVE-2011-3381 (Cross-site request forgery (CSRF) vulnerability in Phorum before ...)
 	NOT-FOR-US: Phorum
-CVE-2011-3380
-	RESERVED
+CVE-2011-3380 (Openswan 2.6.29 through 2.6.35 allows remote attackers to cause a ...)
+	TODO: check
 CVE-2011-3379 (The is_a function in PHP 5.3.7 and 5.3.8 triggers a call to the ...)
 	- php5 <unfixed>
 	[squeeze] - php5 <not-affected> (Introduced in 5.3.7)
@@ -4906,8 +4912,7 @@
 CVE-2011-2771 (Multiple cross-site scripting (XSS) vulnerabilities in Mahara before ...)
 	{DSA-2334-1}
 	- mahara 1.4.1-1
-CVE-2011-2770 [man2html XSS]
-	RESERVED
+CVE-2011-2770 (Cross-site scripting (XSS) vulnerability in man2html.cgi.c in man2html ...)
 	{DSA-2335-1}
 	- man2html 1.6g-6
 CVE-2011-2769

More information about the Secure-testing-commits mailing list