[Secure-testing-commits] r17212 - data/CVE

Sun Sep 11 21:14:18 UTC 2011

Author: joeyh
Date: 2011-09-11 21:14:18 +0000 (Sun, 11 Sep 2011)
New Revision: 17212

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2011-09-11 17:22:24 UTC (rev 17211)
+++ data/CVE/list	2011-09-11 21:14:18 UTC (rev 17212)
@@ -433,6 +433,7 @@
 CVE-2011-3206
 	RESERVED
 CVE-2011-3205 (Buffer overflow in the gopherToHTML function in gopher.cc in the ...)
+	{DSA-2304-1}
 	- squid3 3.1.15-1 (low; bug #639755)
 	- squid <not-affected> (Only a buffer overflow in Squid 3, see https://bugzilla.redhat.com/show_bug.cgi?id=734583#c4)
 	NOTE: http://www.squid-cache.org/Advisories/SQUID-2011_3.txt
@@ -1434,6 +1435,7 @@
 	- webkit <undetermined>
 	NOTE: http://trac.webkit.org/changeset/91611
 CVE-2011-2818 (Use-after-free vulnerability in Google Chrome before 13.0.782.107 ...)
+	{DSA-2307-1}
 	- chromium-browser 13.0.782.107~r94237-1
 	- webkit <undetermined>
 	NOTE: http://trac.webkit.org/changeset/91386
@@ -1485,6 +1487,7 @@
 	- webkit <undetermined>
 	NOTE: http://trac.webkit.org/changeset/90936
 CVE-2011-2800 (Google Chrome before 13.0.782.107 allows remote attackers to obtain ...)
+	{DSA-2307-1}
 	- chromium-browser 13.0.782.107~r94237-1
 	- webkit <undetermined>
 	NOTE: http://trac.webkit.org/changeset/91044
@@ -2675,6 +2678,7 @@
 	- chromium-browser 13.0.782.107~r94237-1 (unimportant)
 	- webkit <not-affected> (chromium specific)
 CVE-2011-2359 (Google Chrome before 13.0.782.107 does not properly track line boxes ...)
+	{DSA-2307-1}
 	- chromium-browser 13.0.782.107~r94237-1
 	- webkit <undetermined>
 	NOTE: http://trac.webkit.org/changeset/90068
@@ -7280,7 +7284,7 @@
 CVE-2011-0763
 	RESERVED
 CVE-2011-0762 (The vsf_filename_passes_filter function in ls.c in vsftpd before 2.3.3 ...)
-	{DSA-2304-1}
+	{DSA-2305-1}
 	- vsftpd 2.3.4-1 (bug #622741)
 	[squeeze] - vsftpd 2.3.2-3+squeeze3
 	[lenny] - vsftpd 2.0.7-1+lenny1
@@ -7411,10 +7415,12 @@
 	NOTE: https://bugs.launchpad.net/ubuntu/+source/italc/+bug/714864
 	NOTE: https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-February/001245.html
 CVE-2011-0723 (FFmpeg 0.5.x, as used in MPlayer and other products, allows remote ...)
+	{DSA-2306-1}
 	- libav 4:0.6-1
 	- ffmpeg <unfixed>
 	- ffmpeg-debian <removed>
 CVE-2011-0722 (FFmpeg before 0.5.4, as used in MPlayer and other products, allows ...)
+	{DSA-2306-1}
 	- libav 4:0.6-1 
 	- ffmpeg <unfixed>
 	- ffmpeg-debian <removed>
@@ -7683,7 +7689,7 @@
 	- ffmpeg-debian <not-affected> (issue introduced in 0.6.x series)
 	NOTE: recheck when 0.6.x gets uploaded
 CVE-2010-4704 (libavcodec/vorbis_dec.c in the Vorbis decoder in FFmpeg 0.6.1 and ...)
-	{DSA-2165-1}
+	{DSA-2306-1 DSA-2165-1}
 	- libav 4:0.6.2-1 (low; bug #611495)
 	- ffmpeg <removed> (low; bug #611495)
 	- ffmpeg-debian <removed> (low)
@@ -8071,6 +8077,7 @@
 	- chromium-browser <not-affected> (Chrome PDF plugin)
 	- webkit <not-affected> (Chrome PDF plugin)
 CVE-2011-0480 (Multiple buffer overflows in vorbis_dec.c in the Vorbis decoder in ...)
+	{DSA-2306-1}
 	- ffmpeg <not-affected> (webm not yet supported)
 	- ffmpeg-debian <not-affected> (webm not supported yet)
 	- libav 4:0.6.1-1 (bug #610550)
@@ -11553,6 +11560,7 @@
 CVE-2010-3909 (Incomplete blacklist vulnerability in config.template.php in vtiger ...)
 	NOT-FOR-US: vtiger CRM
 CVE-2010-3908 (FFmpeg before 0.5.4, as used in MPlayer and other products, allows ...)
+	{DSA-2306-1}
 	- libav 4:0.6-1
 	- ffmpeg <unfixed>
 	- ffmpeg-debian <removed>


