[Secure-testing-commits] r34040 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sun May 3 06:04:50 UTC 2015
Author: carnil
Date: 2015-05-03 06:04:49 +0000 (Sun, 03 May 2015)
New Revision: 34040
Modified:
data/CVE/list
Log:
Update cobbler entries
Update cobbler entries based on available information for these older
CVEs. There are still a few which need an update now that cobbler is in
the archive.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-05-03 04:37:29 UTC (rev 34039)
+++ data/CVE/list 2015-05-03 06:04:49 UTC (rev 34040)
@@ -26378,8 +26378,7 @@
[wheezy] - python-soappy <no-dsa> (Minor issue)
NOTE: http://www.pnigos.com/?p=260
CVE-2014-3225 (Absolute path traversal vulnerability in the web interface in Cobbler ...)
- - cobbler <unfixed>
- TODO: check after having entered the archive
+ - cobbler <not-affected> (Fixed before initial upload)
CVE-2014-3219
RESERVED
- fish 2.1.1-1 (low; bug #746259)
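Review bot: The new `<not-affected>` line for CVE-2014-3225 carries no NOTE recording which upstream release or commit fixed the issue, and the truncated description ("in Cobbler ...") does not show the affected range, so the "Fixed before initial upload" claim cannot be checked from the entry itself. Consider adding a NOTE line with the upstream fix reference, the way the python-soappy entry just above records its source URL.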
@@ -65730,8 +65729,7 @@
- vlc <unfixed> (unimportant; bug #671727)
- taglib 1.7.2-1 (unimportant)
CVE-2012-2395 (Incomplete blacklist vulnerability in action_power.py in Cobbler 2.2.0 ...)
- - cobbler <unfixed>
- TODO: check after having entered the archive
+ - cobbler <not-affected> (Fixed before initial upload)
CVE-2012-2394 (Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 on the SPARC and ...)
- wireshark 1.6.8-1 (unimportant)
NOTE: Not suitable for code injection
@@ -71459,8 +71457,7 @@
- cobbler <unfixed>
TODO: check after having entered the archive
CVE-2011-4953 (The set_mgmt_parameters function in item.py in cobbler before 2.2.2 ...)
- - cobbler <unfixed>
- TODO: check after having entered the archive
+ - cobbler <not-affected> (Fixed before initial upload)
CVE-2011-4952
RESERVED
- cobbler <unfixed>
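Review bot: The unchanged context on both sides of the CVE-2011-4953 change still reads `- cobbler <unfixed>`: the entry above keeps its `TODO: check after having entered the archive`, and CVE-2011-4952 below is RESERVED with cobbler still `<unfixed>`. The log message says a few entries remain to be updated; because these two sit directly beside a CVE now recorded as fixed before the initial upload, they are worth resolving in the follow-up commit or annotating with what information is still missing, so cobbler is not left tracked as open on them by default.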
@@ -87132,8 +87129,7 @@
CVE-2010-4513 (Multiple cross-site scripting (XSS) vulnerabilities in Zimplit CMS ...)
NOT-FOR-US: Zimplit CMS
CVE-2010-4512 (Cobbler before 2.0.4 uses an incorrect umask value, which allows local ...)
- - cobbler <unfixed>
- TODO: check after having entered the archive
+ - cobbler <not-affected> (Fixed before initial upload)
CVE-2010-4511 (Unspecified vulnerability in Movable Type 4.x before 4.35 and 5.x ...)
- movabletype-opensource 4.3.5+dfsg-1 (bug #606311)
[lenny] - movabletype-opensource 4.2.3-1+lenny2
@@ -87182,8 +87178,7 @@
[lenny] - tiff <not-affected> (3.9+ only)
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=1999
CVE-2009-5021 (Cobbler before 1.6.1 does not properly determine whether an ...)
- - cobbler <unfixed>
- TODO: check after having entered the archive
+ - cobbler <not-affected> (Fixed before initial upload)
CVE-2010-4507 (Multiple cross-site request forgery (CSRF) vulnerabilities on the ...)
NOT-FOR-US: iSpot/ClearSpot hardware devices
CVE-2010-4506 (Passlogix v-GO Self-Service Password Reset (SSPR) and OEM before 7.0A ...)
@@ -93558,8 +93553,7 @@
CVE-2010-2236 (The monitoring probe display in spacewalk-java before 2.1.148-1 and ...)
NOT-FOR-US: Red Hat Satellite
CVE-2010-2235 (template_api.py in Cobbler before 2.0.7, as used in Red Hat Network ...)
- - cobbler <unfixed>
- TODO: check after having entered the archive
+ - cobbler <not-affected> (Fixed before initial upload)
CVE-2010-2233 (tif_getimage.c in LibTIFF 3.9.0 and 3.9.2 on 64-bit platforms, as used ...)
- tiff 3.9.4-2
- tiff3 <not-affected> (fixed prior to initial upload)
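Review bot: Style point on the added line for CVE-2010-2235: it uses "(Fixed before initial upload)", while the tiff3 context line two entries below uses "(fixed prior to initial upload)" for the same situation. Using one wording and capitalization for this annotation across the list would make such entries easier to find with a single search.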
@@ -106028,8 +106022,7 @@
CVE-2008-6955 (mxCamArchive 2.2 stores sensitive information under the web root with ...)
NOT-FOR-US: mxCamArchive
CVE-2008-6954 (The web interface (CobblerWeb) in Cobbler before 1.2.9 allows remote ...)
- - cobbler <unfixed>
- TODO: check after having entered the archive
+ - cobbler <not-affected> (Fixed before initial upload)
CVE-2008-6953 (Buffer overflow in oovoo.exe in ooVoo 1.7.1.35, and possibly other ...)
NOT-FOR-US: ooVoo
CVE-2008-6952 (SQL injection vulnerability in Rss.php in MauryCMS 0.53.2 and earlier ...)