[Secure-testing-commits] r18576 - data/CVE

Helmut Grohne helmut-guest at alioth.debian.org
Sat Mar 3 11:05:42 UTC 2012 

Author: helmut-guest
Date: 2012-03-03 11:05:42 +0000 (Sat, 03 Mar 2012)
New Revision: 18576

Modified:
   data/CVE/list
Log:
work on 4 <undetermined>


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-03-03 07:44:55 UTC (rev 18575)
+++ data/CVE/list	2012-03-03 11:05:42 UTC (rev 18576)
@@ -7833,7 +7833,8 @@
 CVE-2011-3565 (Unspecified vulnerability in Oracle Communications Unified 7.0 allows ...)
 	NOT-FOR-US: Oracle Communications Unified
 CVE-2011-3564 (Unspecified vulnerability in Oracle GlassFish Enterprise Server 2.1.1 ...)
-	- glassfish <undetermined>
+	- glassfish <not-affected> (administration component not shipped)
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=783897
 CVE-2011-3563 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
 	{DSA-2420-1}
 	- openjdk-6 6b24-1.11.1-1
@@ -11764,7 +11765,7 @@
 	{DSA-2271-1}
 	- curl 7.21.6-2 (high; bug #631615)
 CVE-2011-2191 (Cross-site request forgery (CSRF) vulnerability in Cherokee-admin in ...)
-	- cherokee <undetermined>
+	- cherokee <unfixed> (bug #661993)
 CVE-2011-2189 (net/core/net_namespace.c in the Linux kernel 2.6.32 and earlier does ...)
 	- linux-2.6 2.6.35-1 (low)
 	[lenny] - linux-2.6 <no-dsa> (attacker needs elevated CAP_SYS_ADMIN privileges to abuse this)
@@ -13541,6 +13542,8 @@
 	- libmodplug 1:0.8.8.2-1 (low; bug #622091)
 CVE-2011-1573 (net/sctp/sm_make_chunk.c in the Linux kernel before 2.6.34, when ...)
 	- linux-2.6 <undetermined>
+	NOTE: http://xorl.wordpress.com/2011/05/08/cve-2011-1573-linux-kernel-sctp-initinit-ack-length-miscalculation/
+	NOTE: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=a8170c35e738d62e9919ce5b109cf4ed66e9
 CVE-2011-1572 (Directory traversal vulnerability in the Admin Defined Commands (ADC) ...)
 	{DSA-2215-1}
 	- gitolite 1.5.7-2
@@ -18451,6 +18454,7 @@
 	RESERVED
 CVE-2010-4563 (The Linux kernel, when using IPv6, allows remote attackers to ...)
 	- linux-2.6 <undetermined>
+	NOTE: http://seclists.org/fulldisclosure/2011/Apr/254
 CVE-2010-4562 (Microsoft Windows 2008, 7, Vista, 2003, 2000, and XP, when using IPv6, ...)
 	NOT-FOR-US: Microsoft Windows
 CVE-2010-4561

More information about the Secure-testing-commits mailing list