[Secure-testing-commits] r25677 - data/CVE
Joey Hess
joeyh at moszumanska.debian.org
Tue Feb 11 09:15:02 UTC 2014
Author: joeyh
Date: 2014-02-11 09:15:02 +0000 (Tue, 11 Feb 2014)
New Revision: 25677
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-02-11 07:43:06 UTC (rev 25676)
+++ data/CVE/list 2014-02-11 09:15:02 UTC (rev 25677)
@@ -1,4 +1,87 @@
+CVE-2014-1929
+ RESERVED
+CVE-2014-1926
+ RESERVED
+CVE-2014-1920
+ RESERVED
+CVE-2014-1919
+ RESERVED
+CVE-2014-1918
+ RESERVED
+CVE-2014-1917
+ RESERVED
+CVE-2014-1916 (The (1) opus_packet_get_nb_frames and (2) ...)
+ TODO: check
+CVE-2014-1915 (Multiple cross-site request forgery (CSRF) vulnerabilities in Command ...)
+ TODO: check
+CVE-2014-1914 (Multiple cross-site scripting (XSS) vulnerabilities in Command School ...)
+ TODO: check
+CVE-2014-1913
+ RESERVED
+CVE-2014-1912
+ RESERVED
+CVE-2014-1911
+ RESERVED
+CVE-2014-1910
+ RESERVED
+CVE-2014-1908
+ RESERVED
+CVE-2014-1907
+ RESERVED
+CVE-2014-1906
+ RESERVED
+CVE-2014-1905
+ RESERVED
+CVE-2014-1904
+ RESERVED
+CVE-2014-1903
+ RESERVED
+CVE-2014-1902
+ RESERVED
+CVE-2014-1901
+ RESERVED
+CVE-2014-1900
+ RESERVED
+CVE-2014-1899
+ RESERVED
+CVE-2014-1898
+ RESERVED
+CVE-2014-1897
+ RESERVED
+CVE-2014-1890
+ RESERVED
+CVE-2014-1889
+ RESERVED
+CVE-2014-1888
+ RESERVED
+CVE-2014-1880
+ RESERVED
+CVE-2014-1879
+ RESERVED
+CVE-2014-1878
+ RESERVED
+CVE-2014-1873
+ RESERVED
+CVE-2014-1872
+ RESERVED
+CVE-2014-1871
+ RESERVED
+CVE-2014-1870 (Opera before 19 on Mac OS X allows user-assisted remote attackers to ...)
+ TODO: check
+CVE-2014-1869 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+ TODO: check
+CVE-2013-7321 (Cross-site scripting (XSS) vulnerability in D-Link DAP-2253 Access ...)
+ TODO: check
+CVE-2013-7320 (Cross-site request forgery (CSRF) vulnerability in D-Link DAP-2253 ...)
+ TODO: check
+CVE-2013-7319 (Cross-site scripting (XSS) vulnerability in the Download Manager ...)
+ TODO: check
+CVE-2012-6637
+ RESERVED
+CVE-2012-6636
+ RESERVED
CVE-2013-7322 [OTP token invalidation]
+ RESERVED
- oath-toolkit <unfixed> (low; bug #738515)
[wheezy] - oath-toolkit <no-dsa> (Minor issue)
NOTE: http://lists.nongnu.org/archive/html/oath-toolkit-help/2013-12/msg00000.html
@@ -19,54 +102,75 @@
CVE-2014-1932 [insecure use of /tmp]
- pillow <unfixed> (bug #737059)
CVE-2014-1928 [Erroneous insertion of a \ character]
+ RESERVED
- python-gnupg <unfixed> (bug #738509)
CVE-2014-1927 [Erroneous assumptions about the usability of " characters]
+ RESERVED
- python-gnupg <unfixed> (bug #738509)
CVE-2014-1925 [SQL injection]
+ RESERVED
- koha <itp> (bug #702134)
CVE-2014-1924 [MARC framework import/export function did not require authentication]
+ RESERVED
- koha <itp> (bug #702134)
CVE-2014-1923 [arbitrary file write trough edithelp.pl]
+ RESERVED
- koha <itp> (bug #702134)
CVE-2014-1922 [path traversal]
+ RESERVED
- koha <itp> (bug #702134)
CVE-2014-1921 [possible correlation between key fetches]
+ RESERVED
- parcimonie 0.8.1-1 (bug #738134)
CVE-2014-1909
+ RESERVED
NOT-FOR-US: Android SDK Tools
CVE-2014-1896 [XSA-86 libvchan failure handling malicious ring indexes]
+ RESERVED
- xen <unfixed>
[squeeze] - xen <not-affected> (Only affects 4.2 and later)
[wheezy] - xen <not-affected> (Only affects 4.2 and later)
CVE-2014-1895 [XSA-85 Off-by-one error in FLASK_AVC_CACHESTAT hypercall]
+ RESERVED
- xen <unfixed>
[squeeze] - xen <not-affected> (Only affects 4.2 and later)
[wheezy] - xen <not-affected> (Only affects 4.2 and later)
CVE-2014-1894 [XSA-84]
+ RESERVED
- xen <not-affected> (XSM not enabled in build)
NOTE: Debian package not built with XSM_ENABLE, thus resulted binary packages not affected
CVE-2014-1893 [XSA-84]
+ RESERVED
- xen <not-affected> (XSM not enabled in build)
NOTE: Debian package not built with XSM_ENABLE, thus resulted binary packages not affected
CVE-2014-1892 [XSA-84]
+ RESERVED
- xen <not-affected> (XSM not enabled in build)
NOTE: Debian package not built with XSM_ENABLE, thus resulted binary packages not affected
CVE-2014-1891 [XSA-84]
+ RESERVED
- xen <not-affected> (XSM not enabled in build)
NOTE: Debian package not built with XSM_ENABLE, thus resulted binary packages not affected
CVE-2014-1887
+ RESERVED
NOT-FOR-US: Apache Cordova
CVE-2014-1886
+ RESERVED
NOT-FOR-US: Apache Cordova
CVE-2014-1885
+ RESERVED
NOT-FOR-US: Apache Cordova
CVE-2014-1884
+ RESERVED
NOT-FOR-US: Apache Cordova
CVE-2014-1883
+ RESERVED
NOT-FOR-US: Apache Cordova
CVE-2014-1882
+ RESERVED
NOT-FOR-US: Apache Cordova
CVE-2014-1881
+ RESERVED
NOT-FOR-US: Apache Cordova
CVE-2014-1868
RESERVED
@@ -142,15 +246,19 @@
NOTE: http://bugs.python.org/issue20246
TODO: check
CVE-2014-1877 [Multiple Stored XSS]
+ RESERVED
NOT-FOR-US: Dokeos
CVE-2014-1876 [insecure temp file handling]
+ RESERVED
- openjdk-7 <unfixed> (bug #737562)
- openjdk-6 <unfixed>
CVE-2014-1875 [insecure use of /tmp]
+ RESERVED
- libcapture-tiny-perl 0.24-1 (bug #737835)
[wheezy] - libcapture-tiny-perl <no-dsa> (Minor issue)
[squeeze] - libcapture-tiny-perl <no-dsa> (Minor issue)
CVE-2014-1874 [SELinux local DoS]
+ RESERVED
- linux <unfixed>
- linux-2.6 <removed>
TODO: check
@@ -505,18 +613,18 @@
RESERVED
CVE-2014-1700
RESERVED
-CVE-2014-1699
- RESERVED
+CVE-2014-1699 (Siemens SIMATIC WinCC OA before 3.12 P002 January allows remote ...)
NOT-FOR-US: Siemens SIMATIC
-CVE-2014-1698
- RESERVED
-CVE-2014-1697
- RESERVED
-CVE-2014-1696
- RESERVED
+CVE-2014-1698 (Directory traversal vulnerability in Siemens SIMATIC WinCC OA before ...)
+ TODO: check
+CVE-2014-1697 (The integrated web server in Siemens SIMATIC WinCC OA before 3.12 P002 ...)
+ TODO: check
+CVE-2014-1696 (Siemens SIMATIC WinCC OA before 3.12 P002 January uses a weak hash ...)
+ TODO: check
CVE-2014-1695
RESERVED
CVE-2013-7323 [Unrestricted use of unquoted strings in a shell]
+ RESERVED
- python-gnupg <unfixed> (bug #738509)
CVE-2013-7318 (Cross-site scripting (XSS) vulnerability in BusinessFlow/login in ...)
NOT-FOR-US: AlgoSec Firewall Analyzer
@@ -600,8 +708,8 @@
RESERVED
CVE-2014-1665
RESERVED
-CVE-2014-1663
- RESERVED
+CVE-2014-1663 (Unspecified vulnerability in Citrix XenMobile Device Manager server ...)
+ TODO: check
CVE-2014-1662
RESERVED
CVE-2014-1661
@@ -640,8 +748,8 @@
RESERVED
CVE-2014-1644
RESERVED
-CVE-2014-1643
- RESERVED
+CVE-2014-1643 (The Web Email Protection component in Symantec Encryption Management ...)
+ TODO: check
CVE-2013-7317 (Multiple cross-site scripting (XSS) vulnerabilities in CS-Cart before ...)
NOT-FOR-US: CS-Cart
CVE-2013-7316 (Cross-site scripting (XSS) vulnerability in GitLab 6.0 allows remote ...)
@@ -2134,8 +2242,8 @@
RESERVED
CVE-2014-0823
RESERVED
-CVE-2014-0822
- RESERVED
+CVE-2014-0822 (The IMAP server in IBM Domino 8.5.x before 8.5.3 FP6 IF1 and 9.0.x ...)
+ TODO: check
CVE-2014-0821
RESERVED
CVE-2014-0820
@@ -2148,8 +2256,8 @@
RESERVED
CVE-2014-0816
RESERVED
-CVE-2014-0815
- RESERVED
+CVE-2014-0815 (The intent: URL implementation in Opera before 18 on Android allows ...)
+ TODO: check
CVE-2014-0814
RESERVED
CVE-2014-0813
@@ -2598,8 +2706,7 @@
RESERVED
CVE-2014-0623
RESERVED
-CVE-2014-0622
- RESERVED
+CVE-2014-0622 (The web service in EMC Documentum Foundation Services (DFS) 6.5 ...)
NOT-FOR-US: EMC Documentum Foundation Services
CVE-2014-0621 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
NOT-FOR-US: Technicolor TC7200 STD6.01.12
@@ -3511,8 +3618,7 @@
RESERVED
CVE-2013-7131
RESERVED
-CVE-2013-7130 [Live migration can leak root disk into ephemeral storage]
- RESERVED
+CVE-2013-7130 (The i_create_images_and_backing (aka create_images_and_backing) method ...)
- nova <unfixed> (bug #736465)
NOTE: https://bugs.launchpad.net/nova/+bug/1251590
CVE-2013-7129 (Cross-site scripting (XSS) vulnerability in ThemeBeans Blooog theme ...)
@@ -3894,8 +4000,8 @@
RESERVED
CVE-2014-0331
RESERVED
-CVE-2014-0330
- RESERVED
+CVE-2014-0330 (Cross-site scripting (XSS) vulnerability in adminui/user_list.php on ...)
+ TODO: check
CVE-2014-0329 (The TELNET service on the ZTE ZXV10 W300 router 2.1.0 has a hardcoded ...)
TODO: check
CVE-2014-0328
@@ -4772,13 +4878,11 @@
RESERVED
CVE-2014-0046
RESERVED
-CVE-2014-0045
- RESERVED
+CVE-2014-0045 (The needSamples method in AudioOutputSpeech.cpp in the client in ...)
{DSA-2854-1}
- mumble 1.2.4-0.2 (bug #737739)
[squeeze] - mumble <not-affected> (Opus support not present)
-CVE-2014-0044
- RESERVED
+CVE-2014-0044 (The opus_packet_get_samples_per_frame function in client in Mumble ...)
{DSA-2854-1}
- mumble 1.2.4-0.2 (bug #737739)
[squeeze] - mumble <not-affected> (Opus support not present)
@@ -4793,14 +4897,12 @@
CVE-2014-0040
RESERVED
NOT-FOR-US: openstack-heat-templates
-CVE-2014-0039 [configuration file can be loaded from cwd when run as a non-root user]
- RESERVED
+CVE-2014-0039 (Untrusted search path vulnerability in fwsnort before 1.6.4, when not ...)
- fwsnort <unfixed> (low; bug #737495)
[wheezy] - fwsnort <no-dsa> (Minor issue)
[squeeze] - fwsnort <not-affected> (Vulnerable code not present)
NOTE: https://github.com/mrash/fwsnort/commit/fa977453120cc48e1654f373311f9cac468d3348
-CVE-2014-0038 [arbitrary write with CONFIG_X86_X32]
- RESERVED
+CVE-2014-0038 (The compat_sys_recvmmsg function in net/compat.c in the Linux kernel ...)
- linux <unfixed> (unimportant)
- linux-2.6 <not-affected> (Introduced in 3.4+)
NOTE: introduced by http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/net/compat.c?id=ee4fa23c4bfcc635d077a9633d405610de45bc70
@@ -4849,8 +4951,7 @@
- chrony 1.29.1-1 (low; bug #737644)
[squeeze] - chrony <no-dsa> (Minor issue)
[wheezy] - chrony <no-dsa> (Minor issue)
-CVE-2014-0020
- RESERVED
+CVE-2014-0020 (The IRC protocol plugin in libpurple in Pidgin before 2.10.8 does not ...)
{DSA-2859-1}
- pidgin 2.10.8-1
[squeeze] - pidgin <end-of-life> (Update not feasible, updated packages are provided through backports)
@@ -5927,67 +6028,55 @@
NOT-FOR-US: Pirhana
CVE-2013-6491 (The python-qpid client (common/rpc/impl_qpid.py) in OpenStack Oslo ...)
- nova <unfixed>
-CVE-2013-6490
- RESERVED
+CVE-2013-6490 (The SIMPLE protocol functionality in Pidgin before 2.10.8 allows ...)
{DSA-2859-1}
- pidgin 2.10.8-1
[squeeze] - pidgin <end-of-life> (Update not feasible, updated packages are provided through backports)
-CVE-2013-6489
- RESERVED
+CVE-2013-6489 (Integer signedness error in the MXit functionality in Pidgin before ...)
{DSA-2859-1}
- pidgin 2.10.8-1
[squeeze] - pidgin <end-of-life> (Update not feasible, updated packages are provided through backports)
CVE-2013-6488
REJECTED
-CVE-2013-6487
- RESERVED
+CVE-2013-6487 (Integer overflow in libpurple/protocols/gg/lib/http.c in the Gadu-Gadu ...)
{DSA-2859-1 DSA-2852-1}
- pidgin 2.10.8-1
[squeeze] - pidgin <end-of-life> (Update not feasible, updated packages are provided through backports)
- libgadu 1:1.11.3-1
-CVE-2013-6486
- RESERVED
+CVE-2013-6486 (gtkutils.c in Pidgin before 2.10.8 on Windows allows user-assisted ...)
- pidgin <not-affected> (Windows-specific)
-CVE-2013-6485
- RESERVED
+CVE-2013-6485 (Buffer overflow in util.c in libpurple in Pidgin before 2.10.8 allows ...)
{DSA-2859-1}
- pidgin 2.10.8-1
[squeeze] - pidgin <end-of-life> (Update not feasible, updated packages are provided through backports)
-CVE-2013-6484
- RESERVED
+CVE-2013-6484 (The STUN protocol implementation in libpurple in Pidgin before 2.10.8 ...)
{DSA-2859-1}
- pidgin 2.10.8-1
[squeeze] - pidgin <end-of-life> (Update not feasible, updated packages are provided through backports)
-CVE-2013-6483
- RESERVED
+CVE-2013-6483 (The XMPP protocol plugin in libpurple in Pidgin before 2.10.8 does not ...)
{DSA-2859-1}
- pidgin 2.10.8-1
[squeeze] - pidgin <end-of-life> (Update not feasible, updated packages are provided through backports)
-CVE-2013-6482
- RESERVED
+CVE-2013-6482 (Pidgin before 2.10.8 allows remote MSN servers to cause a denial of ...)
{DSA-2859-1}
- pidgin 2.10.8-1
[squeeze] - pidgin <end-of-life> (Update not feasible, updated packages are provided through backports)
-CVE-2013-6481
- RESERVED
+CVE-2013-6481 (libpurple/protocols/yahoo/libymsg.c in Pidgin before 2.10.8 allows ...)
{DSA-2859-1}
- pidgin 2.10.8-1
[squeeze] - pidgin <end-of-life> (Update not feasible, updated packages are provided through backports)
CVE-2013-6480 (Libcloud 0.12.3 through 0.13.2 does not set the scrub_data parameter ...)
- python-libcloud <not-affected> (affects 0.12.3 to 0.13.3)
NOTE: version prior to 0.12.3 don't include a DigitalOcean driver
-CVE-2013-6479
- RESERVED
+CVE-2013-6479 (util.c in libpurple in Pidgin before 2.10.8 does not properly allocate ...)
{DSA-2859-1}
- pidgin 2.10.8-1
[squeeze] - pidgin <end-of-life> (Update not feasible, updated packages are provided through backports)
-CVE-2013-6478
- RESERVED
+CVE-2013-6478 (gtkimhtml.c in Pidgin before 2.10.8 does not properly interact with ...)
{DSA-2859-1}
- pidgin 2.10.8-1
[squeeze] - pidgin <end-of-life> (Update not feasible, updated packages are provided through backports)
-CVE-2013-6477
- RESERVED
+CVE-2013-6477 (Multiple integer signedness errors in libpurple in Pidgin before ...)
{DSA-2859-1}
- pidgin 2.10.8-1
[squeeze] - pidgin <end-of-life> (Update not feasible, updated packages are provided through backports)
@@ -6291,8 +6380,7 @@
CVE-2013-6394 (Percona XtraBackup before 2.1.6 uses a constant string for the ...)
- percona-xtrabackup <unfixed> (bug #730544)
TODO: check if this if fixed with 2.1.6-2; note fw's comment on oss-security
-CVE-2013-6393 [heap-based buffer overflow when parsing YAML tags]
- RESERVED
+CVE-2013-6393 (The yaml_parser_scan_tag_uri function in scanner.c in LibYAML before ...)
{DSA-2850-1}
- libyaml 0.1.4-3 (bug #737076)
- libyaml-libyaml-perl <unfixed>
@@ -6485,8 +6573,8 @@
NOT-FOR-US: IBM
CVE-2013-6333
RESERVED
-CVE-2013-6332
- RESERVED
+CVE-2013-6332 (Unrestricted file upload vulnerability in IBM Algo One UDS 4.7.0 ...)
+ TODO: check
CVE-2013-6331
RESERVED
CVE-2013-6330 (IBM WebSphere Application Server 7.x before 7.0.0.31, when ...)
@@ -7239,8 +7327,7 @@
CVE-2013-5984
RESERVED
NOT-FOR-US: Microweber
-CVE-2013-5983
- RESERVED
+CVE-2013-5983 (Multiple cross-site scripting (XSS) vulnerabilities in GuppY before ...)
NOT-FOR-US: GuppY
CVE-2013-5982
RESERVED
@@ -14782,8 +14869,7 @@
NOT-FOR-US: IBM Tivoli Storage Manager
CVE-2013-2963
RESERVED
-CVE-2013-2962
- RESERVED
+CVE-2013-2962 (Buffer overflow in the Launcher in IBM WebSphere Transformation ...)
NOT-FOR-US: IBM WebSphere Transformation Extender
CVE-2013-2961 (The internal web server in the Basic Services component in IBM Tivoli ...)
NOT-FOR-US: IBM Tivoli
@@ -16939,8 +17025,7 @@
CVE-2013-2192 (The RPC protocol implementation in Apache Hadoop 2.x before ...)
NOT-FOR-US: Apache Hadoop
NOTE: There was the package in unstable, but never in a release, see 630820
-CVE-2013-2191
- RESERVED
+CVE-2013-2191 (python-bugzilla before 0.9.0 does not validate X.509 certificates, ...)
NOT-FOR-US: python-bugzilla
CVE-2013-2190 (The translate_hierarchy_event function in ...)
- clutter-1.0 1.14.4-3 (low; bug #714264)
@@ -17474,8 +17559,7 @@
CVE-2013-2039 [owncloud: oC-SA-2013-020]
RESERVED
- owncloud 4.0.15debian-1
-CVE-2013-2038 [DoS (packet parser crash) in the AIS driver when processing malformed packet]
- RESERVED
+CVE-2013-2038 (The NMEA0183 driver in gpsd before 3.9 allows remote attackers to ...)
- gpsd 3.6-5 (bug #706665)
[wheezy] - gpsd 3.6-4+deb7u1
[squeeze] - gpsd <no-dsa> (Minor issue)
@@ -17938,8 +18022,7 @@
NOT-FOR-US: Drupal module Rules
CVE-2013-1905 (Cross-site scripting (XSS) vulnerability in the Zero Point theme ...)
NOT-FOR-US: Drupal theme Zero Point
-CVE-2013-1904 [roundcube variable overwrite]
- RESERVED
+CVE-2013-1904 (Absolute path traversal vulnerability in steps/mail/sendmail.inc in ...)
- roundcube 0.7.2-9
[squeeze] - roundcube <not-affected> (Vulnerable code not present)
CVE-2013-1903 (PostgreSQL, possibly 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x ...)
@@ -23867,8 +23950,7 @@
RESERVED
CVE-2012-6153
RESERVED
-CVE-2012-6152
- RESERVED
+CVE-2012-6152 (The Yahoo! protocol plugin in libpurple in Pidgin before 2.10.8 does ...)
- pidgin 2.10.8-1
[squeeze] - pidgin <end-of-life> (Update not feasible, updated packages are provided through backports)
CVE-2012-6151 (Net-SNMP 5.7.1 and earlier, when AgentX is registering to handle a MIB ...)
@@ -25901,8 +25983,7 @@
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=877015
CVE-2012-5525 (The get_page_from_gfn hypercall function in Xen 4.2 allows local PV ...)
- xen <not-affected> (Only affects Xen 4.2 and xen-unstable)
-CVE-2012-5524
- RESERVED
+CVE-2012-5524 (The _ssl_verify_callback function in tls_nb.py in Gajim before 0.15.3 ...)
- gajim 0.15.4-1 (low; bug #693282)
[wheezy] - gajim 0.15.1-4.1
[squeeze] - gajim <no-dsa> (Minor issue)
@@ -37484,8 +37565,7 @@
- network-manager <unfixed> (low; bug #684259)
[wheezy] - network-manager <no-dsa> (Minor issue)
[squeeze] - network-manager <no-dsa> (Minor issue)
-CVE-2012-1095
- RESERVED
+CVE-2012-1095 (osc before 0.134 might allow remote OBS repository servers or package ...)
- osc <unfixed> (unimportant)
NOTE: This is ultimately a bug in the respectice terminal emulations and not a vulnerability in osc
CVE-2012-1094
@@ -43012,8 +43092,7 @@
[squeeze] - wireshark <not-affected> (Affects only 1.6.0-1.6.2)
[lenny] - wireshark <not-affected> (Affects only 1.6.0-1.6.2)
NOTE: http://www.wireshark.org/security/wnpa-sec-2011-17.html
-CVE-2011-4099
- RESERVED
+CVE-2011-4099 (The capsh program in libcap before 2.22 does not change the current ...)
- libcap2 1:2.22-1 (low)
[squeeze] - libcap2 <no-dsa> (Minor issue)
CVE-2011-4098 (The fallocate implementation in the GFS2 filesystem in the Linux ...)
@@ -50022,8 +50101,7 @@
CVE-2011-1774 (WebKit in Apple Safari before 5.0.6 has improper libxslt security ...)
NOTE: CVE-2011-1774 is about webkit's interface to xmlsec, CVE-2011-1425 is the actual issue
NOTE: http://www.openwall.com/lists/oss-security/2011/05/09/4
-CVE-2011-1773
- RESERVED
+CVE-2011-1773 (virt-v2v before 0.8.4 does not preserve the VNC console password when ...)
NOT-FOR-US: virt-v2v
CVE-2011-1772 (Multiple cross-site scripting (XSS) vulnerabilities in XWork in Apache ...)
- libstruts1.2-java <not-affected> (xwork introduced in 2.x)
@@ -56481,8 +56559,8 @@
NOT-FOR-US: Novell NetWare
CVE-2010-4227 (The xdrDecodeString function in XNFS.NLM in Novell Netware 6.5 before ...)
NOT-FOR-US: Novell Netware
-CVE-2010-4226
- RESERVED
+CVE-2010-4226 (cpio, as used in build 2007.05.10, 2010.07.28, and possibly other ...)
+ TODO: check
CVE-2010-4225 (Unspecified vulnerability in the mod_mono module for XSP in Mono 2.8.x ...)
- mono 2.6.7-5 (bug #608288)
CVE-2010-4224
More information about the Secure-testing-commits
mailing list