Author: jmm-guest
Date: 2009-03-26 17:36:15 +0000 (Thu, 26 Mar 2009)
New Revision: 11479
Modified:
data/CVE/list
data/spu-candidates.txt
Log:
- new kfreebsd issue
- remove etch-specific unfixed entry, unneeded and might cause problems
- clone mikmod no-dsas for lenny
- unimportant bash issue fixed
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-03-26 09:14:13 UTC (rev 11478)
+++ data/CVE/list 2009-03-26 17:36:15 UTC (rev 11479)
@@ -71,7 +71,8 @@
CVE-2009-1042 (Unspecified vulnerability in Apple Safari on Mac OS X 10.5.6
allows ...)
NOT-FOR-US: Apple Safari
CVE-2009-1041 (The ktimer feature (sys/kern/kern_time.c) in FreeBSD 7.0, 7.1,
and 7.2 ...)
- TODO: check
+ - kfreebsd-7 7.1-3
+ [lenny] - kfreebsd-7 <no-dsa> (KFreebsd not supported)
CVE-2008-6511 (Open redirect vulnerability in login.jsp in Openfire 3.6.0a and
...)
NOT-FOR-US: Openfire
CVE-2008-6510 (Cross-site scripting (XSS) vulnerability in login.jsp in the
Admin ...)
@@ -352,7 +353,6 @@
NOT-FOR-US: Dotclear
CVE-2009-0932 (Directory traversal vulnerability in framework/Image/Image.php
in ...)
- horde3 3.2.2+debian0-2 (bug #513265)
- [etch] - horde3 <unfixed> (bug #513265; medium)
CVE-2009-0931 (Cross-site scripting (XSS) vulnerability in the tag cloud
search ...)
- horde3 3.2.2+debian0-2 (bug #513265)
[etch] - horde3 <not-affected> (Vulnerable code not present)
@@ -3278,6 +3278,7 @@
CVE-2009-0179 (libmikmod 3.1.11 through 3.2.0, as used by MikMod and possibly
other ...)
- libmikmod <unfixed> (low; bug #476339)
[etch] - libmikmod <no-dsa> (Minor issue)
+ [lenny] - libmikmod <no-dsa> (Minor issue)
CVE-2009-0178 (Unspecified vulnerability in IBM Hardware Management Console
(HMC) 7 ...)
NOT-FOR-US: IBM Hardware Management Console
CVE-2009-0177 (vmwarebase.dll, as used in the vmware-authd service (aka ...)
@@ -3308,6 +3309,7 @@
CVE-2007-6720 (libmikmod 3.1.9 through 3.2.0, as used by MikMod, SDL-mixer,
and ...)
- libmikmod <unfixed> (low; bug #461519)
[etch] - libmikmod <no-dsa> (Minor issue)
+ [lenny] - libmikmod <no-dsa> (Minor issue)
- sdl-mixer1.2 1.2.8-1 (low; bug #422021)
[etch] - sdl-mixer1.2 <no-dsa> (Minor issue)
CVE-2009-0173 (Unspecified vulnerability in the server in IBM DB2 9.1 before
FP6a and ...)
@@ -4906,7 +4908,7 @@
- cmus 2.2.0-1.1 (unimportant; bug #509277)
NOTE: Just an example script
CVE-2008-5374 (bash-doc 3.2 allows local users to overwrite arbitrary files
via a ...)
- - bash <unfixed> (unimportant; bug #509279)
+ - bash 4.0-2 (unimportant; bug #509279)
NOTE: scripts are examples
CVE-2008-5373 (mtx-changer.Adic-Scalar-24 in bacula-common 2.4.2 allows local
users ...)
- bacula <unfixed> (unimportant; bug #509301)
Modified: data/spu-candidates.txt
===================================================================
--- data/spu-candidates.txt 2009-03-26 09:14:13 UTC (rev 11478)
+++ data/spu-candidates.txt 2009-03-26 17:36:15 UTC (rev 11479)
@@ -10,6 +10,10 @@
--
+kfreebsd-7 (CVE-2009-1041)
+
+--
+
mpfr (CVE-2009-0757)
--
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
