[Secure-testing-commits] r34039 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sun May 3 04:37:29 UTC 2015
Author: carnil
Date: 2015-05-03 04:37:29 +0000 (Sun, 03 May 2015)
New Revision: 34039
Modified:
data/CVE/list
Log:
Mark cobbler as unfixed, now in the archive
Add TODO entry to each cobbler CVE to recheck the status of it now that
it entered the Debian archive.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-05-02 21:10:17 UTC (rev 34038)
+++ data/CVE/list 2015-05-03 04:37:29 UTC (rev 34039)
@@ -26378,7 +26378,8 @@
[wheezy] - python-soappy <no-dsa> (Minor issue)
NOTE: http://www.pnigos.com/?p=260
CVE-2014-3225 (Absolute path traversal vulnerability in the web interface in Cobbler ...)
- - cobbler <itp> (bug #545583)
+ - cobbler <unfixed>
+ TODO: check after having entered the archive
CVE-2014-3219
RESERVED
- fish 2.1.1-1 (low; bug #746259)
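Review bot: the new `- cobbler <unfixed>` line for CVE-2014-3225 drops `(bug #545583)` and puts no other reference in its place, so the entry no longer points at any bug report. Removing the ITP reference is reasonable now that the package exists, but an open issue is easier to follow up with a bug filed against the package and its number added on this line.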
@@ -65729,7 +65730,8 @@
- vlc <unfixed> (unimportant; bug #671727)
- taglib 1.7.2-1 (unimportant)
CVE-2012-2395 (Incomplete blacklist vulnerability in action_power.py in Cobbler 2.2.0 ...)
- - cobbler <itp> (bug #545583)
+ - cobbler <unfixed>
+ TODO: check after having entered the archive
CVE-2012-2394 (Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 on the SPARC and ...)
- wireshark 1.6.8-1 (unimportant)
NOTE: Not suitable for code injection
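Review bot: the TODO under CVE-2012-2395 does not record which cobbler version entered the archive, while the description names Cobbler 2.2.0 as affected. A NOTE line with the uploaded version would turn the recheck into a version comparison instead of a fresh investigation.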
@@ -66564,7 +66566,8 @@
- gajim 0.15-1.1 (low; bug #668710)
CVE-2012-2092
RESERVED
- - cobbler <itp> (bug #545583)
+ - cobbler <unfixed>
+ TODO: check after having entered the archive
CVE-2012-2091 (Multiple buffer overflows in FlightGear 2.6 and earlier and SimGear ...)
- simgear 2.10.0-3 (unimportant; bug #669024)
- flightgear 2.6.0-1.1 (unimportant; bug #669025)
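Review bot: CVE-2012-2092 is still RESERVED with no description, so `<unfixed>` plus a bare TODO leaves whoever picks this up with nothing to check against. Add a NOTE with the reference that ties this id to cobbler, so the status can be verified later.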
@@ -71453,12 +71456,15 @@
NOT-FOR-US: wordpress bsuite plugin
CVE-2011-4954
RESERVED
- - cobbler <itp> (bug #545583)
+ - cobbler <unfixed>
+ TODO: check after having entered the archive
CVE-2011-4953 (The set_mgmt_parameters function in item.py in cobbler before 2.2.2 ...)
- - cobbler <itp> (bug #545583)
+ - cobbler <unfixed>
+ TODO: check after having entered the archive
CVE-2011-4952
RESERVED
- - cobbler <itp> (bug #545583)
+ - cobbler <unfixed>
+ TODO: check after having entered the archive
CVE-2011-4951 (Open redirect vulnerability in phpgwapi/ntlm/index.php in EGroupware ...)
NOT-FOR-US: EGroupware
CVE-2011-4950 (Cross-site scripting (XSS) vulnerability in ...)
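Review bot: the three entries in this hunk get the same `<unfixed>` and TODO, but they are not in the same state: CVE-2011-4953 says "cobbler before 2.2.2", while CVE-2011-4954 and CVE-2011-4952 are RESERVED with no description. Consider marking the two RESERVED ones with a NOTE saying where the cobbler association comes from, and keeping the generic TODO only where the description gives a version boundary to check.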
@@ -82138,7 +82144,8 @@
- xpdf 3.02-9
- poppler <not-affected> (never used t1lib)
CVE-2011-1551 (SUSE openSUSE Factory assigns ownership of the /var/log/cobbler/ ...)
- - cobbler <itp> (bug #545583)
+ - cobbler <unfixed>
+ TODO: check after having entered the archive
CVE-2011-1550 (The default configuration of logrotate on SUSE openSUSE Factory uses ...)
- logrotate <not-affected> (SuSE-specific, see CVE-2011-1548 for Debian)
CVE-2011-1549 (The default configuration of logrotate on Gentoo Linux uses root ...)
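Review bot: CVE-2011-1551 is described as openSUSE Factory assigning ownership of /var/log/cobbler/, which reads as a distribution packaging issue, so `<unfixed>` may overstate the status for Debian. The neighbouring CVE-2011-1550 entry is marked `<not-affected> (SuSE-specific, ...)`; check how the Debian package sets ownership of that directory and use the same kind of marking if the problem does not apply.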
@@ -87125,7 +87132,8 @@
CVE-2010-4513 (Multiple cross-site scripting (XSS) vulnerabilities in Zimplit CMS ...)
NOT-FOR-US: Zimplit CMS
CVE-2010-4512 (Cobbler before 2.0.4 uses an incorrect umask value, which allows local ...)
- - cobbler <itp> (bug #545583)
+ - cobbler <unfixed>
+ TODO: check after having entered the archive
CVE-2010-4511 (Unspecified vulnerability in Movable Type 4.x before 4.35 and 5.x ...)
- movabletype-opensource 4.3.5+dfsg-1 (bug #606311)
[lenny] - movabletype-opensource 4.2.3-1+lenny2
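Review bot: style point on the added TODO line, here and in the other hunks: "check after having entered the archive" reads as a condition still to come, while the log message says cobbler is already in the archive. Something like "TODO: check, package is now in the archive" states the action more directly.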
@@ -87174,7 +87182,8 @@
[lenny] - tiff <not-affected> (3.9+ only)
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=1999
CVE-2009-5021 (Cobbler before 1.6.1 does not properly determine whether an ...)
- - cobbler <itp> (bug #545583)
+ - cobbler <unfixed>
+ TODO: check after having entered the archive
CVE-2010-4507 (Multiple cross-site request forgery (CSRF) vulnerabilities on the ...)
NOT-FOR-US: iSpot/ClearSpot hardware devices
CVE-2010-4506 (Passlogix v-GO Self-Service Password Reset (SSPR) and OEM before 7.0A ...)
@@ -93549,7 +93558,8 @@
CVE-2010-2236 (The monitoring probe display in spacewalk-java before 2.1.148-1 and ...)
NOT-FOR-US: Red Hat Satellite
CVE-2010-2235 (template_api.py in Cobbler before 2.0.7, as used in Red Hat Network ...)
- - cobbler <itp> (bug #545583)
+ - cobbler <unfixed>
+ TODO: check after having entered the archive
CVE-2010-2233 (tif_getimage.c in LibTIFF 3.9.0 and 3.9.2 on 64-bit platforms, as used ...)
- tiff 3.9.4-2
- tiff3 <not-affected> (fixed prior to initial upload)
@@ -106018,7 +106028,8 @@
CVE-2008-6955 (mxCamArchive 2.2 stores sensitive information under the web root with ...)
NOT-FOR-US: mxCamArchive
CVE-2008-6954 (The web interface (CobblerWeb) in Cobbler before 1.2.9 allows remote ...)
- - cobbler <itp> (bug #545583)
+ - cobbler <unfixed>
+ TODO: check after having entered the archive
CVE-2008-6953 (Buffer overflow in oovoo.exe in ooVoo 1.7.1.35, and possibly other ...)
NOT-FOR-US: ooVoo
CVE-2008-6952 (SQL injection vulnerability in Rss.php in MauryCMS 0.53.2 and earlier ...)