[Secure-testing-commits] r18041 - in data: . CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Thu Jan 5 18:33:42 UTC 2012 

Author: jmm
Date: 2012-01-05 18:33:42 +0000 (Thu, 05 Jan 2012)
New Revision: 18041

Modified:
   data/CVE/list
   data/next-point-update.txt
   data/spu-candidates.txt
Log:
- backuppc CVEfied and no-dsa
- new kernel issue
- commons-daemon not affected in Squeeze
- torcs issue is actually in plib, torcs links against it
- restore unimportant severity for ghostscript, fix typo for split issue and clone no-dsa accordingly
- one openssl issue fixed in sid
- older openssl issue CVEfied
- record python-virtualenv spu upload
- new tor issues (all fixed in stable)


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-01-05 00:54:30 UTC (rev 18040)
+++ data/CVE/list	2012-01-05 18:33:42 UTC (rev 18041)
@@ -301,8 +301,10 @@
 	RESERVED
 CVE-2011-4924
 	RESERVED
-CVE-2011-4923
+CVE-2011-4923 [backuppc xss issue]
 	RESERVED
+	- backuppc 3.2.1-2 (bug #646865)
+	[squeeze] - backuppc <no-dsa> (Minor issue)
 CVE-2011-4922 [libpurple info leak]
 	RESERVED
 	- pidgin 2.7.11-1 (low)
@@ -479,13 +481,13 @@
 CVE-2012-0221
 	RESERVED
 CVE-2011-4897 (Tor before 0.2.2.25-alpha, when configured as a relay without the ...)
-	TODO: check
+	- tor 0.2.2.27-beta-1
 CVE-2011-4896 (Tor before 0.2.2.24-alpha continues to use a reachable bridge that was ...)
-	TODO: check
+	- tor 0.2.2.27-beta-1
 CVE-2011-4895 (Tor before 0.2.2.34, when configured as a bridge, sets up circuits ...)
-	TODO: check
+	- tor 0.2.2.34-1
 CVE-2011-4894 (Tor before 0.2.2.34, when configured as a bridge, uses direct DirPort ...)
-	TODO: check
+	- tor 0.2.2.34-1
 CVE-2011-4893
 	RESERVED
 CVE-2011-4892
@@ -564,6 +566,9 @@
 	NOT-FOR-US: Schneider Electric Quantum Ethernet Module
 CVE-2011-4858
 	RESERVED
+	- tomcat5 <removed>
+	- tomcat6 <unfixed>
+	- tomcat7 <unfixed>
 CVE-2011-4857 (Heap-based buffer overflow in the in_mod.dll plugin in Winamp before ...)
 	NOT-FOR-US: Winamp
 CVE-2010-5080
@@ -1340,6 +1345,7 @@
 	RESERVED
 CVE-2012-0028
 	RESERVED
+	- linux-2.6 2.6.32-1
 CVE-2012-0027 [Invalid GOST parameters DoS Attack in OpenSSL]
 	RESERVED
 	- openssl <unfixed>
@@ -1561,7 +1567,7 @@
 	RESERVED
 	- linux-2.6 <unfixed>
 CVE-2011-4620 (Buffer overflow in the ulSetError function in util/ulError.cxx in PLIB ...)
-	- torcs <unfixed>
+	- plib <unfixed>
 CVE-2011-4619 [SGC Restart DoS Attack in OpenSSL]
 	RESERVED
 	- openssl <unfixed>
@@ -2833,7 +2839,7 @@
 CVE-2011-4204
 	RESERVED
 CVE-2011-4203 (CRLF injection vulnerability in calendar/set.php in the Calendar ...)
-	TODO: check
+	NOT-FOR-US: Moodle addon
 CVE-2011-4202 (The Tadasoft Restorepoint 3.2 evaluation image uses weak permissions ...)
 	NOT-FOR-US: Tadasoft Restorepoint
 CVE-2011-4201 (remote_support.cgi in the Tadasoft Restorepoint 3.2 evaluation image ...)
@@ -2846,8 +2852,6 @@
 	RESERVED
 CVE-2011-4197 (etc/inc/certs.inc in the PKI implementation in pfSense before 2.0.1 ...)
 	NOT-FOR-US: pfSense
-CVE-2011-XXXX [backuppc xss issue]
-	- backuppc 3.2.1-2 (bug #646865)
 CVE-2011-XXXX [spip privilege escalation]
 	- spip 2.1.12-1 (bug #649113)
 	[squeeze] - spip 2.1.1-3squeeze2
@@ -3070,10 +3074,11 @@
 	- linux-2.6 3.1.4-1
 CVE-2011-4109 [Double-free in Policy Checks in OpenSSL]
 	RESERVED
-	- openssl <unfixed>
+	- openssl 1.0.0c-1
 CVE-2011-4108 [DTLS Plaintext Recovery Attack in OpenSSL]
 	RESERVED
-	- openssl <unfixed>
+	- openssl <unfixed> (low; bug #645805)
+	NOTE: http://rt.openssl.org/Ticket/Display.html?id=2625&user=guest&pass=guest
 CVE-2011-4107 (The simplexml_load_string function in the XML import plug-in ...)
 	- phpmyadmin 4:3.4.7.1-1
 	[lenny] - phpmyadmin <not-affected> (Vulerable code not present)
@@ -3157,7 +3162,7 @@
 CVE-2011-4085
 	RESERVED
 CVE-2011-4084 (Apache Tomcat before 5.5.35, 6.x before 6.0.35, and 7.x before 7.0.23 ...)
-	TODO: check
+	NOTE: Will be rejected to avoid confusion
 CVE-2011-4083
 	RESERVED
 CVE-2011-4082
@@ -3199,9 +3204,6 @@
 	RESERVED
 CVE-2006-7246
 	RESERVED
-CVE-2011-XXXX [incorrect OPENSSL_assert() in DTLS code]
-	- openssl <unfixed> (low; bug #645805)
-	NOTE: http://rt.openssl.org/Ticket/Display.html?id=2625&user=guest&pass=guest
 CVE-2011-4072
 	RESERVED
 CVE-2011-4071
@@ -5390,6 +5392,7 @@
 CVE-2011-3361 [BackupPC XSS in Browse.pm]
 	RESERVED
 	- backuppc 3.2.1-2 (bug #641450)
+	[squeeze] - backuppc <no-dsa> (Minor issue)
 	NOTE: http://sourceforge.net/mailarchive/forum.php?thread_name=f1f1ef74-716d-4af8-b1bf-c1ba6d9a98a1%40SC1EXHC-02.global.atheros.com&forum_name=backuppc-devel
 	NOTE: http://backuppc.cvs.sourceforge.net/viewvc/backuppc/BackupPC/lib/BackupPC/CGI/Browse.pm?r1=1.23&r2=1.24
 CVE-2011-3360 (Untrusted search path vulnerability in Wireshark 1.4.x before 1.4.9 ...)
@@ -5467,11 +5470,11 @@
 	NOTE: for vsftpd by adding a kernel check before using this feature, see DSA-2304-1
 	NOTE: for details
 CVE-2011-3339 (Cross-site scripting (XSS) vulnerability in the Admin Control Center ...)
-	TODO: check
+	NOT-FOR-US: Sentinel HASP Run-time Environment
 CVE-2011-3338
 	RESERVED
 CVE-2011-3337 (eEye Audit ID 2499 in eEye Digital Security Audits 2406 through 2423 ...)
-	TODO: check
+	NOT-FOR-US: eEye Digital Security Audits 
 CVE-2011-3336
 	RESERVED
 CVE-2011-3335
@@ -5910,9 +5913,10 @@
 	RESERVED
 CVE-2010-4821
 	RESERVED
-CVE-2010-4820 [ghostscript split from CVE-2011-2055]
+CVE-2010-4820 [ghostscript split from CVE-2010-2055]
 	RESERVED
 	- ghostscript 8.71~dfsg2-6.1
+	[lenny] - ghostscript <no-dsa> (too risky for regressions)
 CVE-2010-4819 [X.org ProcRenderGlyps input sanitation issue]
 	RESERVED
 	- xorg-server 2:1.9.0.901-1
@@ -7267,6 +7271,7 @@
 	RESERVED
 CVE-2011-2729 (native/unix/native/jsvc-unix.c in jsvc in the Daemon component 1.0.3 ...)
 	- commons-daemon 1.0.7-1
+	[squeeze] - commons-daemon <not-affected> (Support for libcap was only added in 1.0.6)
 	NOTE: According to http://tomcat.apache.org/security-7.html jsvc needs to be build againt libcap to be exploitable
 CVE-2011-2728
 	RESERVED
@@ -16844,7 +16849,8 @@
 CVE-2010-4055 (Stack consumption vulnerability in solid.exe in IBM solidDB 6.5.0.3 ...)
 	NOT-FOR-US: IBM solidDB
 CVE-2010-4054 (The gs_type2_interpret function in Ghostscript allows remote attackers ...)
-	- ghostscript 8.71~dfsg-1
+	- ghostscript 8.71~dfsg-1 (unimportant)
+	NOTE: Crash-only
 CVE-2010-4053 (Stack-based buffer overflow in an unspecified logging function in ...)
 	NOT-FOR-US: IBM Informix Dynamic Server
 CVE-2010-4052 (Stack consumption vulnerability in the regcomp implementation in the ...)

Modified: data/next-point-update.txt
===================================================================
--- data/next-point-update.txt	2012-01-05 00:54:30 UTC (rev 18040)
+++ data/next-point-update.txt	2012-01-05 18:33:42 UTC (rev 18041)
@@ -52,4 +52,7 @@
 	[squeeze] - erlang 1:14.a-dfsg-3squeeze1
 CVE-2011-1843
 	[squeeze] - tinyproxy 1.8.2-1squeeze2
+CVE-2011-4617
+	[squeeze] - python-virtualenv 1.4.9-3squeeze1
 
+

Modified: data/spu-candidates.txt
===================================================================
--- data/spu-candidates.txt	2012-01-05 00:54:30 UTC (rev 18040)
+++ data/spu-candidates.txt	2012-01-05 18:33:42 UTC (rev 18041)
@@ -19,6 +19,11 @@
 
 --
 
+backuppc (CVE-2011-4923, CVE-2011-3361)
+641450 646865
+
+--
+
 bugzilla (CVE-2011-3667, CVE-2011-3657)
 https://bugzilla.mozilla.org/show_bug.cgi?id=711714
 https://bugzilla.mozilla.org/show_bug.cgi?id=697699

More information about the Secure-testing-commits mailing list