[Secure-testing-commits] r17389 - data/CVE

Jonathan Wiltshire jmw at alioth.debian.org
Fri Oct 7 18:04:16 UTC 2011


Author: jmw
Date: 2011-10-07 18:04:16 +0000 (Fri, 07 Oct 2011)
New Revision: 17389

Modified:
   data/CVE/list
Log:
Update bugzilla statuses

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2011-10-07 15:50:21 UTC (rev 17388)
+++ data/CVE/list	2011-10-07 18:04:16 UTC (rev 17389)
@@ -2615,6 +2615,8 @@
 	- bugzilla <not-affected> (Only affects Bugzilla 4.1, never uploaded to the archive)
 CVE-2011-2978 (Bugzilla 2.16rc1 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before ...)
 	- bugzilla <removed> (low)
+	[squeeze] - bugzilla <unfixed> (low)
+	[lenny] - bugzilla <unfixed> (low)
 CVE-2011-2977 (Bugzilla 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x ...)
 	- bugzilla <not-affected> (Only affects Bugzilla on Windows)
 CVE-2011-2976 (Cross-site scripting (XSS) vulnerability in Bugzilla 2.16rc1 through ...)
@@ -4213,10 +4215,16 @@
 	RESERVED
 CVE-2011-2381 (CRLF injection vulnerability in Bugzilla 2.17.1 through 2.22.7, 3.0.x ...)
 	- bugzilla <removed> (low)
+	[squeeze] - bugzilla <unfixed> (low)
+	[lenny] - bugzilla <unfixed> (low)
 CVE-2011-2380 (Bugzilla 2.23.3 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before ...)
 	- bugzilla <removed> (low)
+	[squeeze] - bugzilla <unfixed> (low)
+	[lenny] - bugzilla <unfixed> (low)
 CVE-2011-2379 (Cross-site scripting (XSS) vulnerability in Bugzilla 2.4 through ...)
 	- bugzilla <removed> (low)
+	[squeeze] - bugzilla <unfixed> (low)
+	[lenny] - bugzilla <unfixed> (low)
 CVE-2011-2378 (The appendChild function in Mozilla Firefox before 3.6.20, Thunderbird ...)
 	{DSA-2297-1 DSA-2296-1 DSA-2295-1}
 	- icedove 3.1.12-1
@@ -11245,14 +11253,18 @@
 CVE-2011-0049 (Directory traversal vulnerability in the _list_file_get function in ...)
 	NOT-FOR-US: Majordomo
 CVE-2011-0048 (Bugzilla before 3.2.10, 3.4.x before 3.4.10, 3.6.x before 3.6.4, and ...)
-	- bugzilla <unfixed> (bug #611176)
+	- bugzilla <removed> (bug #611176)
+	[squeeze] - bugzilla <unfixed> (bug #611176)
+	[lenny] - bugzilla <unfixed> (bug #611176)
 	NOTE: http://www.bugzilla.org/security/3.2.9/
 CVE-2011-0047 (Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.2 ...)
 	- mediawiki 1:1.15.5-3 (low; bug #611787)
 	[lenny] - mediawiki 1:1.12.0-2lenny8 (low; bug #611787)
 	[squeeze] - mediawiki 1:1.15.5-2squeeze1 (low; bug #611787)
 CVE-2011-0046 (Multiple cross-site request forgery (CSRF) vulnerabilities in Bugzilla ...)
-	- bugzilla <unfixed> (bug #611176)
+	- bugzilla <removed> (bug #611176)
+	[squeeze] - bugzilla <unfixed> (bug #611176)
+	[lenny] - bugzilla <unfixed> (bug #611176)
 	NOTE: http://www.bugzilla.org/security/3.2.9/
 CVE-2010-4578 (Google Chrome before 8.0.552.224 and Chrome OS before 8.0.552.343 do ...)
 	{DSA-2188-1}
@@ -11280,7 +11292,9 @@
 CVE-2010-4573 (The Update Installer in VMware ESXi 4.1, when a modified sfcb.cfg is ...)
 	NOT-FOR-US: VMware ESXi
 CVE-2010-4572 (CRLF injection vulnerability in chart.cgi in Bugzilla before 3.2.10, ...)
-	- bugzilla <unfixed>
+	- bugzilla <removed>
+	[squeeze] - bugzilla <unfixed>
+	[lenny] - bugzilla <unfixed>
 	NOTE: http://www.bugzilla.org/security/3.2.9/
 	NOTE: perl and associate packages are CVE-2010-2761 and CVE-2010-4411 (see above reference)
 CVE-2010-4571
@@ -11290,10 +11304,14 @@
 CVE-2010-4569 (Cross-site scripting (XSS) vulnerability in Bugzilla 3.7.1, 3.7.2, ...)
 	- bugzilla <not-affected> (vulnerable code introduced in 3.7)
 CVE-2010-4568 (Bugzilla 2.14 through 2.22.7; 3.0.x, 3.1.x, and 3.2.x before 3.2.10; ...)
-	- bugzilla <unfixed> (bug #611176)
+	- bugzilla <removed> (bug #611176)
+	[squeeze] - bugzilla <unfixed> (bug #611176)
+	[lenny] - bugzilla <unfixed> (bug #611176)
 	NOTE: http://www.bugzilla.org/security/3.2.9/
 CVE-2010-4567 (Bugzilla before 3.2.10, 3.4.x before 3.4.10, 3.6.x before 3.6.4, and ...)
-	- bugzilla <unfixed> (high; bug #611176)
+	- bugzilla <removed> (high; bug #611176)
+	[squeeze] - bugzilla <unfixed> (high; bug #611176)
+	[lenny] - bugzilla <unfixed> (high; bug #611176)
 	NOTE: http://www.bugzilla.org/security/3.2.9/
 CVE-2010-4566 (The web authentication form in the NT4 authentication component in ...)
 	NOT-FOR-US: Citrix Acces Gateway




More information about the Secure-testing-commits mailing list