[Secure-testing-commits] r17340 - data/CVE

Joey Hess joeyh at alioth.debian.org
Fri Sep 30 21:14:17 UTC 2011 

Author: joeyh
Date: 2011-09-30 21:14:16 +0000 (Fri, 30 Sep 2011)
New Revision: 17340

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2011-09-30 20:00:59 UTC (rev 17339)
+++ data/CVE/list	2011-09-30 21:14:16 UTC (rev 17340)
@@ -1,4 +1,15 @@
-CVE-2011-3867 (Integer underflow in Mozilla Firefox 3.6.x before 3.6.23 allows remote ...)
+CVE-2011-3872
+	RESERVED
+CVE-2011-3871
+	RESERVED
+CVE-2011-3870
+	RESERVED
+CVE-2011-3869
+	RESERVED
+CVE-2011-3868
+	RESERVED
+CVE-2011-3867
+	REJECTED
 	NOTE: Duplicate of CVE-2011-2998, contacted MITRE and oss-sec for revocation
 CVE-2011-3866 (Mozilla Firefox before 7.0 and SeaMonkey before 2.4 do not properly ...)
 	- xulrunner <not-affected> (Only affects Firefox >= 4)
@@ -1074,7 +1085,7 @@
 	- masqmail 0.2.30-1 (low; bug #638002)
 	[lenny] - masqmail <no-dsa> (no security issue by itself)
 	[squeeze] - masqmail <no-dsa> (no security issue by itself)
-CVE-2011-3389 (The SSL protocol encrypts data by using CBC mode with chained ...)
+CVE-2011-3389 (The SSL protocol, as used in certain configurations in Microsoft ...)
 	NOT-FOR-US: Opera
 CVE-2011-3388 (Opera before 11.51 allows remote attackers to cause an insecure site ...)
 	NOT-FOR-US: Opera
@@ -1985,8 +1996,8 @@
 	- ioquake3 1.36+svn1946-4
 CVE-2011-3011 (BaseServiceImpl.class in CA ARCserve D2D r15 does not properly handle ...)
 	NOT-FOR-US: CA ARCserve D2D
-CVE-2011-3010
-	RESERVED
+CVE-2011-3010 (Multiple cross-site scripting (XSS) vulnerabilities in TWiki before ...)
+	TODO: check
 CVE-2011-3009 (Ruby before 1.8.6-p114 does not reset the random seed upon forking, ...)
 	TODO: check
 CVE-2011-3008 (The default configuration of Avaya Secure Access Link (SAL) Gateway ...)
@@ -2058,8 +2069,7 @@
 	[lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner from the xulrunner source pkg)
 	- iceape 2.0.14-8
 	[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2011-2998 [http://www.mozilla.org/security/announce/2011/mfsa2011-37.html]
-	RESERVED
+CVE-2011-2998 (Integer underflow in Mozilla Firefox 3.6.x before 3.6.23 allows remote ...)
 	{DSA-2313-1 DSA-2312-1}
 	- icedove <unfixed>
 	- xulrunner <removed>

More information about the Secure-testing-commits mailing list