[Secure-testing-commits] r16828 - data/CVE

Tue, 21 Jun 2011 09:12:49 -0700 

Author: jmm
Date: 2011-06-21 16:12:40 +0000 (Tue, 21 Jun 2011)
New Revision: 16828

Modified:
   data/CVE/list
Log:
- new rampart issue (front desk, please create ticket/file bug)
- one issue was splitt off of CVE-2010-4251 and is now tracked as CVE-2010-4805


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2011-06-21 16:12:07 UTC (rev 16827)
+++ data/CVE/list       2011-06-21 16:12:40 UTC (rev 16828)
@@ -372,7 +372,7 @@
 CVE-2011-2333
        RESERVED
 CVE-2011-2329 (The rampart_timestamp_token_validate function in ...)
-       TODO: check
+       - rampart <unfixed> 
 CVE-2011-2327
        RESERVED
 CVE-2011-2326
@@ -642,7 +642,7 @@
 CVE-2011-2166 (script-login in Dovecot 2.0.x before 2.0.13 does not follow the 
user ...)
        TODO: check
 CVE-2010-4805 (The socket implementation in net/core/sock.c in the Linux 
kernel ...)
-       TODO: check
+       - linux-2.6 2.6.34-1
 CVE-2009-5077 (CRE Loaded before 6.2.14 allows remote attackers to bypass ...)
        TODO: check
 CVE-2009-5076 (CRE Loaded before 6.2.14, and possibly other versions before 
6.3.x, ...)
@@ -4530,8 +4530,8 @@
 CVE-2011-0868 (Unspecified vulnerability in the Java Runtime Environment (JRE) 
...)
        [lenny] - sun-java6 <no-dsa> (non-free not supported)
        [squeeze] - sun-java6 <no-dsa> (non-free not supported)
-       - sun-java6 <undetermined>
-       - openjdk-6 <undetermined>
+       - sun-java6 6.26-1 (bug #629852)
+       - openjdk-6 <undetermined> (bug #629852)
 CVE-2011-0867 (Unspecified vulnerability in the Java Runtime Environment (JRE) 
...)
        [lenny] - sun-java6 <no-dsa> (non-free not supported)
        [squeeze] - sun-java6 <no-dsa> (non-free not supported)
@@ -8207,7 +8207,7 @@
        - openssl <not-affected> (configured with -DOPENSSL_NO_JPAKE; bug 
#606902)
        NOTE: http://www.openssl.org/news/secadv_20101202.txt
 CVE-2010-4251 (The socket implementation in net/core/sock.c in the Linux 
kernel ...)
-       - linux-2.6 <not-affected> (introduced after 2.6.32; fixed in 2.6.37)
+       - linux-2.6 2.6.35-1
 CVE-2010-4250 [linux inotify memory leak]
        RESERVED
        - linux-2.6 2.6.37-1


_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to