[Secure-testing-commits] r17411 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Tue Oct 11 21:14:20 UTC 2011
Author: joeyh
Date: 2011-10-11 21:14:20 +0000 (Tue, 11 Oct 2011)
New Revision: 17411
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2011-10-11 18:30:00 UTC (rev 17410)
+++ data/CVE/list 2011-10-11 21:14:20 UTC (rev 17411)
@@ -1131,15 +1131,15 @@
[lenny] - conky 1.6.0-2+lenny1
CVE-2011-3615 [unknown security issue in simple machines forum]
RESERVED
- TODO: check
+ TODO: check
NOTE: http://www.openwall.com/lists/oss-security/2011/10/09/3
CVE-2011-3614 [vanilla plugin access control]
RESERVED
- NOTE: http://www.openwall.com/lists/oss-security/2011/10/09/2
+ NOTE: http://www.openwall.com/lists/oss-security/2011/10/09/2
CVE-2011-3613 [vanilla forums cookie theft]
RESERVED
- TODO: check
- NOTE: http://www.openwall.com/lists/oss-security/2011/10/09/2
+ TODO: check
+ NOTE: http://www.openwall.com/lists/oss-security/2011/10/09/2
CVE-2011-3612 [HTB22913: Multiple CSRF in UseBB]
RESERVED
TODO: check
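Review bot: every removed/added pair in this hunk (the TODO and NOTE lines under CVE-2011-3615, CVE-2011-3614 and CVE-2011-3613) reads the same on both sides as shown, so the change appears to be whitespace only. The log message "automatic update" gives no hint of that. If this is an indentation normalisation, say so in the log, and consider committing it separately from the DSA cross-references so the content changes are easier to audit.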
@@ -2847,8 +2847,10 @@
- xulrunner <not-affected> (Only affects Windows)
- iceweasel <not-affected> (Only affects Windows)
CVE-2011-2979 (Bugzilla 4.1.x before 4.1.3 generates different responses for certain ...)
+ {DSA-2322-1}
- bugzilla <not-affected> (Only affects Bugzilla 4.1, never uploaded to the archive)
CVE-2011-2978 (Bugzilla 2.16rc1 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before ...)
+ {DSA-2322-1}
- bugzilla <removed> (low)
[squeeze] - bugzilla 3.6.2.0-4.4
CVE-2011-2977 (Bugzilla 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x ...)
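Review bot: the {DSA-2322-1} tag added under CVE-2011-2979 sits on an entry whose only package line is "- bugzilla <not-affected> (Only affects Bugzilla 4.1, never uploaded to the archive)". A DSA reference on an entry that no archive version is affected by is contradictory for anyone reading the tracker. Later in this patch CVE-2010-4569, also <not-affected>, is left without the tag. Confirm the advisory text really lists CVE-2011-2979 and, if it does, add a NOTE explaining why.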
@@ -4444,12 +4446,15 @@
CVE-2011-2384
RESERVED
CVE-2011-2381 (CRLF injection vulnerability in Bugzilla 2.17.1 through 2.22.7, 3.0.x ...)
+ {DSA-2322-1}
- bugzilla <removed> (low)
[squeeze] - bugzilla 3.6.2.0-4.4
CVE-2011-2380 (Bugzilla 2.23.3 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before ...)
+ {DSA-2322-1}
- bugzilla <removed> (low)
[squeeze] - bugzilla 3.6.2.0-4.4
CVE-2011-2379 (Cross-site scripting (XSS) vulnerability in Bugzilla 2.4 through ...)
+ {DSA-2322-1}
- bugzilla <removed> (low)
[squeeze] - bugzilla 3.6.2.0-4.4
CVE-2011-2378 (The appendChild function in Mozilla Firefox before 3.6.20, Thunderbird ...)
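Review bot: the three entries that gain {DSA-2322-1} here (CVE-2011-2381, CVE-2011-2380, CVE-2011-2379) carry only a "[squeeze] - bugzilla 3.6.2.0-4.4" line, while other entries in this file track [lenny] as well. If the advisory also covers lenny, each entry needs a [lenny] line with its fixed version. Otherwise the tracker will not show lenny's status for these CVEs.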
@@ -11480,6 +11485,7 @@
CVE-2011-0049 (Directory traversal vulnerability in the _list_file_get function in ...)
NOT-FOR-US: Majordomo
CVE-2011-0048 (Bugzilla before 3.2.10, 3.4.x before 3.4.10, 3.6.x before 3.6.4, and ...)
+ {DSA-2322-1}
- bugzilla <removed> (bug #611176)
[squeeze] - bugzilla 3.6.2.0-4.4
NOTE: http://www.bugzilla.org/security/3.2.9/
@@ -11488,6 +11494,7 @@
[lenny] - mediawiki 1:1.12.0-2lenny8 (low; bug #611787)
[squeeze] - mediawiki 1:1.15.5-2squeeze1 (low; bug #611787)
CVE-2011-0046 (Multiple cross-site request forgery (CSRF) vulnerabilities in Bugzilla ...)
+ {DSA-2322-1}
- bugzilla <removed> (bug #611176)
[squeeze] - bugzilla 3.6.2.0-4.4
NOTE: http://www.bugzilla.org/security/3.2.9/
@@ -11517,6 +11524,7 @@
CVE-2010-4573 (The Update Installer in VMware ESXi 4.1, when a modified sfcb.cfg is ...)
NOT-FOR-US: VMware ESXi
CVE-2010-4572 (CRLF injection vulnerability in chart.cgi in Bugzilla before 3.2.10, ...)
+ {DSA-2322-1}
- bugzilla <removed>
[squeeze] - bugzilla 3.6.2.0-4.4
NOTE: http://www.bugzilla.org/security/3.2.9/
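Review bot: CVE-2010-4572 has a bare "- bugzilla <removed>" line, while the other entries tagged in this patch that point at the same http://www.bugzilla.org/security/3.2.9/ advisory (CVE-2011-0048, CVE-2011-0046, CVE-2010-4568, CVE-2010-4567) all carry "bug #611176". Since this entry is being touched anyway, add the bug reference or an urgency here so the cross-linking is consistent.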
@@ -11528,10 +11536,12 @@
CVE-2010-4569 (Cross-site scripting (XSS) vulnerability in Bugzilla 3.7.1, 3.7.2, ...)
- bugzilla <not-affected> (vulnerable code introduced in 3.7)
CVE-2010-4568 (Bugzilla 2.14 through 2.22.7; 3.0.x, 3.1.x, and 3.2.x before 3.2.10; ...)
+ {DSA-2322-1}
- bugzilla <removed> (bug #611176)
[squeeze] - bugzilla 3.6.2.0-4.4
NOTE: http://www.bugzilla.org/security/3.2.9/
CVE-2010-4567 (Bugzilla before 3.2.10, 3.4.x before 3.4.10, 3.6.x before 3.6.4, and ...)
+ {DSA-2322-1}
- bugzilla <removed> (high; bug #611176)
[squeeze] - bugzilla 3.6.2.0-4.4
NOTE: http://www.bugzilla.org/security/3.2.9/