[Secure-testing-commits] r17196 - data/CVE
Nico Golde
nion at alioth.debian.org
Thu Sep 8 22:14:01 UTC 2011
Author: nion
Date: 2011-09-08 22:14:01 +0000 (Thu, 08 Sep 2011)
New Revision: 17196
Modified:
data/CVE/list
Log:
- NFUs
- new rsyslog issue (CVE-2011-3200) fixed in 5.8.5-1
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2011-09-08 21:56:47 UTC (rev 17195)
+++ data/CVE/list 2011-09-08 22:14:01 UTC (rev 17196)
@@ -1,5 +1,5 @@
CVE-2011-3390 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
- TODO: check
+ NOT-FOR-US: IBM OpenAdmin Too
CVE-2010-4833 (Untrusted search path vulnerability in ...)
TODO: check
CVE-2011-XXXX [mantis multiple issues]
@@ -13,15 +13,15 @@
[squeeze] - masqmail <no-dsa> (no security issue by itself)
NOTE: CVE id requested
CVE-2011-3389 (Unspecified vulnerability in Opera before 11.51 has unknown attack ...)
- TODO: check
+ NOT-FOR-US: Opera
CVE-2011-3388 (Opera before 11.51 allows remote attackers to cause an insecure site ...)
- TODO: check
+ NOT-FOR-US: Opera
CVE-2011-3387 (The class file parser in IBM Java 1.4.2 SR13 FP9 allows remote ...)
- TODO: check
+ NOT-FOR-US: IBM Java
CVE-2011-3386 (Unspecified vulnerability in Medtronic Paradigm wireless insulin pump ...)
- TODO: check
+ NOT-FOR-US: Medtronic Paradigm wireless insulin pump
CVE-2011-3385 (Cross-site scripting (XSS) vulnerability in WebsiteBaker before 2.8, ...)
- TODO: check
+ NOT-FOR-US: WebsiteBaker
CVE-2011-3384
RESERVED
CVE-2011-3383
@@ -442,7 +442,8 @@
CVE-2011-3201
RESERVED
CVE-2011-3200 (Stack-based buffer overflow in the parseLegacySyslogMsg function in ...)
- TODO: check
+ - rsyslog 5.8.5-1
+ NOTE: off-by-one/-two limited to 0 or :0
CVE-2011-3199
RESERVED
- dtc 0.34.1-1 (bug #637584)
More information about the Secure-testing-commits
mailing list