[Secure-testing-commits] r17274 - data/CVE

Joey Hess joeyh at alioth.debian.org
Fri Sep 23 09:14:18 UTC 2011 

Author: joeyh
Date: 2011-09-23 09:14:17 +0000 (Fri, 23 Sep 2011)
New Revision: 17274

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2011-09-23 08:28:27 UTC (rev 17273)
+++ data/CVE/list	2011-09-23 09:14:17 UTC (rev 17274)
@@ -1055,7 +1055,7 @@
 	- apache2 2.2.19-2
 CVE-2011-3191
 	RESERVED
-	{DSA-2303-1}
+	{DSA-2310-1 DSA-2303-1}
 	- linux-2.6 <unfixed>
 CVE-2011-3190 (Certain AJP protocol connector implementations in Apache Tomcat 7.0.0 ...)
 	- tomcat6 <unfixed>
@@ -1067,7 +1067,7 @@
 	[lenny] - php5 <not-affected> (Introduced in 5.3.7)
 CVE-2011-3188
 	RESERVED
-	{DSA-2303-1}
+	{DSA-2310-1 DSA-2303-1}
 CVE-2011-3187 (The to_s method in ...)
 	TODO: check
 CVE-2011-3186 (CRLF injection vulnerability in ...)
@@ -1739,7 +1739,7 @@
 CVE-2011-2929 (The template selection functionality in ...)
 	TODO: check
 CVE-2011-2928 (The befs_follow_link function in fs/befs/linuxvfs.c in the Linux ...)
-	{DSA-2303-1}
+	{DSA-2310-1 DSA-2303-1}
 	- linux-2.6 3.0.0-2
 CVE-2011-2927
 	RESERVED
@@ -2803,7 +2803,7 @@
 	- tomcat5.5 <removed> (bug #634992)
 CVE-2011-2525
 	RESERVED
-	{DSA-2303-1}
+	{DSA-2310-1 DSA-2303-1}
 	- linux-2.6 2.6.35-1
 CVE-2011-2524 (Directory traversal vulnerability in soup-uri.c in SoupServer in ...)
 	- libsoup2.4 2.34.3-1 (bug #635837)
@@ -2901,15 +2901,15 @@
 	[squeeze] - linux-2.6 <not-affected> (introduced in 2.6.36)
 	[lenny] - linux-2.6 <not-affected> (introduced in 2.6.36)
 CVE-2011-2497 (Integer underflow in the l2cap_config_req function in ...)
-	{DSA-2303-1}
+	{DSA-2310-1 DSA-2303-1}
 	- linux-2.6 2.6.39-3
 CVE-2011-2496
 	RESERVED
-	{DSA-2303-1}
+	{DSA-2310-1 DSA-2303-1}
 	- linux-2.6 2.6.39-1 (low)
 CVE-2011-2495
 	RESERVED
-	{DSA-2303-1}
+	{DSA-2310-1 DSA-2303-1}
 	- linux-2.6 3.0.0-1 (low)
 CVE-2011-2494
 	RESERVED
@@ -2920,11 +2920,11 @@
 	[squeeze] - linux-2.6 <not-affected> (sbi->s_err-report didn't exist yet)
 	[lenny] - linux-2.6 <not-affected> (sbi->s_err-report didn't exist yet)
 CVE-2011-2492 (The bluetooth subsystem in the Linux kernel before 3.0-rc4 does not ...)
-	{DSA-2303-1}
+	{DSA-2310-1 DSA-2303-1}
 	- linux-2.6 3.0.0-1 (low)
 CVE-2011-2491
 	RESERVED
-	{DSA-2303-1}
+	{DSA-2310-1 DSA-2303-1}
 	- linux-2.6 3.0.0-1
 CVE-2011-2490 (opielogin.c in opielogin in OPIE 2.4.1-test1 and earlier does not ...)
 	{DSA-2281-1}
@@ -2942,7 +2942,7 @@
 	RESERVED
 	- gdk-pixbuf 2.23.3-3.1 (bug #631524)
 CVE-2011-2484 (The add_del_listener function in kernel/taskstats.c in the Linux ...)
-	{DSA-2303-1}
+	{DSA-2310-1 DSA-2303-1}
 	- linux-2.6 2.6.39-3 (low)
 CVE-2011-2483 (crypt_blowfish before 1.1, as used in PHP before 5.3.7 on certain ...)
 	- libcrypt-eksblowfish-perl <not-affected> (discovered and corrected in initial release in 2007)
@@ -3560,6 +3560,7 @@
 CVE-2011-2217 (Certain ActiveX controls in (1) tsgetxu71ex552.dll and (2) ...)
 	NOT-FOR-US: VMware
 CVE-2011-2213 (The inet_diag_bc_audit function in net/ipv4/inet_diag.c in the Linux ...)
+	{DSA-2310-1}
 	- linux-2.6 2.6.39-3
 CVE-2011-2212
 	RESERVED
@@ -3648,12 +3649,14 @@
 	NOTE: Support for Alpha was dropped with Squeeze, so marking 2.6.32 as fixed
 CVE-2011-2209 [Alpha-specific issue]
 	RESERVED
+	{DSA-2310-1}
 	- linux-2.6 2.6.32-1
 CVE-2011-2210 [Alpha-specific issue]
 	RESERVED
 	- linux-2.6 2.6.32-1
 CVE-2011-2211 [Alpha-specific issue]
 	RESERVED
+	{DSA-2310-1}
 	- linux-2.6 2.6.32-1
 CVE-2011-2203 [HFS DoS]
 	RESERVED
@@ -7116,7 +7119,7 @@
 	[squeeze] - linux-2.6 <not-affected> (Introduced in 2.6.33)
 	[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.33)
 CVE-2011-1020 (The proc filesystem implementation in the Linux kernel 2.6.37 and ...)
-	{DSA-2303-1}
+	{DSA-2310-1 DSA-2303-1}
 	- linux-2.6 <unfixed>
 CVE-2011-1019
 	RESERVED
@@ -8056,6 +8059,7 @@
 	[lenny] - wireshark <not-affected> (Vulnerable code not present)
 	NOTE: http://anonsvn.wireshark.org/viewvc?view=rev&revision=35953
 CVE-2011-0712 (Multiple buffer overflows in the caiaq Native Instruments USB audio ...)
+	{DSA-2310-1}
 	- linux-2.6 2.6.37-2
 	[wheezy] - linux-2.6 2.6.32-31
 	[squeeze] - linux-2.6 2.6.32-31
@@ -24858,6 +24862,7 @@
 	RESERVED
 CVE-2009-4067
 	RESERVED
+	{DSA-2310-1}
 	- linux-2.6 2.6.28-1 (low)
 	NOTE: Driver was removed in 2.6.27
 CVE-2009-4066 (Multiple cross-site request forgery (CSRF) vulnerabilities in the "My ...)

More information about the Secure-testing-commits mailing list