[Secure-testing-commits] r17698 - data/CVE

Mon Nov 28 21:14:31 UTC 2011

Author: joeyh
Date: 2011-11-28 21:14:31 +0000 (Mon, 28 Nov 2011)
New Revision: 17698

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2011-11-28 20:28:13 UTC (rev 17697)
+++ data/CVE/list	2011-11-28 21:14:31 UTC (rev 17698)
@@ -1,3 +1,33 @@
+CVE-2011-4558
+	RESERVED
+CVE-2011-4557
+	RESERVED
+CVE-2011-4556
+	RESERVED
+CVE-2011-4555
+	RESERVED
+CVE-2011-4554
+	RESERVED
+CVE-2011-4553
+	RESERVED
+CVE-2011-4552
+	RESERVED
+CVE-2011-4551
+	RESERVED
+CVE-2011-4550
+	RESERVED
+CVE-2011-4549
+	RESERVED
+CVE-2010-5067
+	RESERVED
+CVE-2010-5066
+	RESERVED
+CVE-2010-5065
+	RESERVED
+CVE-2010-5064
+	RESERVED
+CVE-2010-5063
+	RESERVED
 CVE-2011-XXXX [clearsilver format string issue]
 	- clearsilver <unfixed> (bug #649322)
 CVE-2011-4548 (Multiple unspecified vulnerabilities in Google Chrome before ...)
@@ -531,8 +561,7 @@
 CVE-2011-4336
 	RESERVED
 	NOT-FOR-US: Tiki Wiki
-CVE-2011-4335
-	RESERVED
+CVE-2011-4335 (Multiple cross-site scripting (XSS) vulnerabilities in Contao before ...)
 	NOT-FOR-US: Contao
 CVE-2011-4334
 	RESERVED
@@ -548,8 +577,8 @@
 CVE-2011-4330
 	RESERVED
 	- linux-2.6 <unfixed>
-CVE-2011-4329
-	RESERVED
+CVE-2011-4329 (Multiple cross-site scripting (XSS) vulnerabilities in Dolibarr 3.1.0 ...)
+	TODO: check
 CVE-2011-4328 [gnash cookie infoleak]
 	RESERVED
 	- gnash <unfixed> (low; bug #649384)
@@ -579,8 +608,8 @@
 	RESERVED
 	- ejabberd 2.1.9-1
 	NOTE: https://support.process-one.net/browse/EJAB-1498
-CVE-2011-4319
-	RESERVED
+CVE-2011-4319 (Cross-site scripting (XSS) vulnerability in the i18n translations ...)
+	TODO: check
 CVE-2011-4318
 	RESERVED
 	- dovecot <unfixed> (unimportant; bug #649511)
@@ -720,8 +749,8 @@
 	NOT-FOR-US: CourseForum
 CVE-2011-4276
 	RESERVED
-CVE-2011-4275
-	RESERVED
+CVE-2011-4275 (Multiple cross-site scripting (XSS) vulnerabilities in iTop (aka IT ...)
+	TODO: check
 CVE-2011-4274 (Cross-site scripting (XSS) vulnerability in the A-Form PC and ...)
 	NOT-FOR-US: Movable Type plugin
 CVE-2011-4273 (Multiple cross-site scripting (XSS) vulnerabilities in GoAhead ...)
@@ -2176,8 +2205,8 @@
 	RESERVED
 CVE-2011-3829
 	RESERVED
-CVE-2011-3828
-	RESERVED
+CVE-2011-3828 (DVRemoteAx.ax 2.1.0.39 in the DVR Remote ActiveX control allows remote ...)
+	TODO: check
 CVE-2011-3827
 	RESERVED
 CVE-2010-4852 (Cross-site scripting (XSS) vulnerability in login.php in Eclime 1.1.2b ...)
@@ -3916,6 +3945,7 @@
 CVE-2011-3171 (Directory traversal vulnerability in pure-FTPd 1.0.22 and possibly ...)
 	NOT-FOR-US: pure-FTPd add-on
 CVE-2011-3170 (The gif_read_lzw function in filter/image-gif.c in CUPS 1.4.8 and ...)
+	{DSA-2354-1}
 	- cups 1.5.0-8
 	NOTE: This ID is for an incomplete fix for CVE-2011-2896
 CVE-2010-4824
@@ -4728,6 +4758,7 @@
 CVE-2011-2897
 	RESERVED
 CVE-2011-2896 (The LZW decompressor in the LWZReadByte function in giftoppm.c in the ...)
+	{DSA-2354-1}
 	- cups 1.5.0-8
 	- gimp 2.6.11-5 (bug #643753)
 	TODO: There's more: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-2896
@@ -9079,8 +9110,8 @@
 	RESERVED
 CVE-2011-1379
 	RESERVED
-CVE-2011-1378
-	RESERVED
+CVE-2011-1378 (IBM WebSphere MQ 6.0 on OpenVMS, when the default rights of the MQM ...)
+	TODO: check
 CVE-2011-1377
 	RESERVED
 CVE-2011-1376
@@ -9091,8 +9122,8 @@
 	RESERVED
 CVE-2011-1373 (Unspecified vulnerability in IBM DB2 9.7 before FP5 on UNIX, when the ...)
 	NOT-FOR-US: IBM DB2
-CVE-2011-1372
-	RESERVED
+CVE-2011-1372 (The Web User Interface on the IBM TS3100 and TS3200 tape libraries ...)
+	TODO: check
 CVE-2011-1371 (Cross-site scripting (XSS) vulnerability in content/error.jsp in IBM ...)
 	NOT-FOR-US: IBM WebSphere
 CVE-2011-1370 (The default configuration of the Sametime configuration servlet (SCS) ...)


