[Secure-testing-commits] r18169 - data/CVE

Helmut Grohne helmut-guest at alioth.debian.org
Sun Jan 15 14:53:58 UTC 2012 

Author: helmut-guest
Date: 2012-01-15 14:53:57 +0000 (Sun, 15 Jan 2012)
New Revision: 18169

Modified:
   data/CVE/list
Log:
NFUs, networkmanager(?), v8

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-01-15 14:42:11 UTC (rev 18168)
+++ data/CVE/list	2012-01-15 14:53:57 UTC (rev 18169)
@@ -6330,7 +6330,8 @@
 	NOTE: http://www.kde.org/info/security/advisory-20111003-1.txt
 	TODO: File bugs
 CVE-2011-3364 (Incomplete blacklist vulnerability in the svEscape function in ...)
-	TODO: check
+	- network-manager-gnome <undetermined>
+	NOTE: actually the ifcfg-rh plugin is affected. Do we include that?
 CVE-2011-3363
 	RESERVED
 	- linux-2.6 2.6.39-1
@@ -7895,7 +7896,7 @@
 	- chromium-browser <undetermined>
 	- webkit <undetermined>
 CVE-2011-2830 (Google V8, as used in Google Chrome before 14.0.835.163, does not ...)
-	TODO: check
+	- libv8 <undetermined>
 CVE-2011-2829 (Integer overflow in Google Chrome before 13.0.782.215 on 32-bit ...)
 	- chromium-browser 13.0.782.215~r97094-1
 	- webkit <undetermined>
@@ -12072,7 +12073,7 @@
 CVE-2011-1379
 	RESERVED
 CVE-2011-1378 (IBM WebSphere MQ 6.0 on OpenVMS, when the default rights of the MQM ...)
-	TODO: check
+	NOT-FOR-US: IBM WebSphere
 CVE-2011-1377
 	RESERVED
 CVE-2011-1376
@@ -12084,7 +12085,7 @@
 CVE-2011-1373 (Unspecified vulnerability in IBM DB2 9.7 before FP5 on UNIX, when the ...)
 	NOT-FOR-US: IBM DB2
 CVE-2011-1372 (The Web User Interface on the IBM TS3100 and TS3200 tape libraries ...)
-	TODO: check
+	NOT-FOR-US: IBM web interface to tape libraries
 CVE-2011-1371 (Cross-site scripting (XSS) vulnerability in content/error.jsp in IBM ...)
 	NOT-FOR-US: IBM WebSphere
 CVE-2011-1370 (The default configuration of the Sametime configuration servlet (SCS) ...)
@@ -12100,7 +12101,7 @@
 CVE-2011-1365
 	RESERVED
 CVE-2011-1364 (Cross-site request forgery (CSRF) vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: Goole App Engine Python SDK
 CVE-2011-1363
 	RESERVED
 CVE-2011-1362

More information about the Secure-testing-commits mailing list