author: Moritz Muehlenhoff <jmm@debian.org> 2009-05-24 08:04:56 +0000
committer: Moritz Muehlenhoff <jmm@debian.org> 2009-05-24 08:04:56 +0000
commit: cc4e3d07b3b0504acff25292f5dccfd92fdf3675
tree: 5f22d7d08c3471eca01ec4d62499937fd0cebc49
parent: f3efa243192df7d79aee97cda7a7ec2483cd0699
- compiz-fusion-plugins-main no-dsa
- two new kernel issues
- requested removal for verlihub

git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@11963 e39458fd-73e7-0310-bf30-c45bca0a0e42
-rw-r--r-- data/CVE/list 10
-rw-r--r-- data/problematic-packages 2
-rw-r--r-- data/spu-candidates.txt 10
3 files changed, 18 insertions, 4 deletions
diff --git a/data/CVE/list b/data/CVE/list
index 37a5bb7c31..6f35bbaf84 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -9,7 +9,8 @@ CVE-2009-1760
CVE-2009-1759 (Stack-based buffer overflow in the btFiles::BuildFromMI function ...)
- ctorrent <unfixed> (bug #530255)
CVE-2009-1758 (The hypervisor_callback function in Xen, possibly before 3.4.0, as ...)
- TODO: check
+ - linux-2.6 <unfixed>
+ - linux-2.6.24 <removed>
CVE-2009-1757 (Cross-site request forgery (CSRF) vulnerability in Transmission 1.5 ...)
- transmission 1.61-1 (low)
[lenny] - transmission <not-affected> (Vulnerable code not present, the web interface was introduced in 1.30)
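Review bot: The new `- linux-2.6 <unfixed>` line under CVE-2009-1758 carries no bug number or note, while the description on the line above it names Xen rather than the kernel package. The ctorrent entry just above references its bug (bug #530255); add the corresponding bug reference here, or a NOTE line saying why linux-2.6 is the affected source package, so the next person triaging does not have to redo the check that the removed TODO stood for.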
@@ -287,8 +288,10 @@ CVE-2009-1635
RESERVED
CVE-2009-1634
RESERVED
-CVE-2009-1633
+CVE-2009-1633 [CIFS Unicode issue]
RESERVED
+ - linux-2.6 <unfixed>
+ - linux-2.6.24 <removed>
CVE-2009-1632 (Multiple memory leaks in Ipsec-tools before 0.7.2 allow remote ...)
{DSA-1804-1}
- ipsec-tools 0.7.1-1.5 (medium; bug #528933)
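Review bot: CVE-2009-1633 is still RESERVED, so the bracketed `[CIFS Unicode issue]` is the only description a reader gets, and it is too terse to identify the flaw or its fix. Add a NOTE line under the two linux-2.6 entries with the upstream reference the assessment was based on, and a bug number once one exists.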
@@ -2458,7 +2461,8 @@ CVE-2009-1049 (SQL injection vulnerability in articleCall.php in Bloginator 1A a
CVE-2008-6515 (Cross-site scripting (XSS) vulnerability in Fritz Berger yet another ...)
NOT-FOR-US: yappa-ng
CVE-2008-6514 (The Expo plugin in Compiz Fusion 0.7.8 allows local users with ...)
- - compiz-fusion-plugins-main 0.8.2-1
+ - compiz-fusion-plugins-main 0.8.2-1 (low)
+ [lenny] - compiz-fusion-plugins-main <no-dsa> (Minor issue)
CVE-2008-6513 (Unrestricted file upload vulnerability in saa.php in Andy's PHP ...)
NOT-FOR-US: Andy's PHP Knowledgebase
CVE-2008-6512 (Cross-domain vulnerability in the WorkerPool API in Google Gears ...)
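Review bot: The `<no-dsa>` reason on the new [lenny] line is just "Minor issue", which does not record why the issue is minor. The CVE description restricts it to local users; put that reasoning in the parenthesis so the no-dsa decision can be re-checked later without re-reading the advisory.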
diff --git a/data/problematic-packages b/data/problematic-packages
index 7a8e520678..807037fbd2 100644
--- a/data/problematic-packages
+++ b/data/problematic-packages
@@ -21,4 +21,4 @@ Filed RC bug about maintenance status: #527840
verlihub: (May 2009)
No maintainer upload for one year, no reply to RC security bug
#506530 for six months as of 2009-05-21
-
+Requested removal from the archive: 529817
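Review bot: The added line gives the removal request as a bare `529817`, while the other bug references visible in this file are written `#506530` and `#527840`. Write it as `#529817`. The change also drops the empty line after the verlihub entry; keep it if entries are meant to be separated by blank lines.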
diff --git a/data/spu-candidates.txt b/data/spu-candidates.txt
index 6235a673ab..22c6e23c22 100644
--- a/data/spu-candidates.txt
+++ b/data/spu-candidates.txt
@@ -25,6 +25,10 @@ notified maintainer
--
+compiz-fusion-plugins-main (CVE-2008-6514)
+
+--
+
coccinelle
http://packages.qa.debian.org/c/coccinelle/news/20090502T001704Z.html
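Review bot: The new compiz-fusion-plugins-main entry has only the CVE id, with no bug number and no status line. Other entries in this file carry one (tau has `#506348` and `notified maintainer`); add at least a status so it is clear whether the maintainer has been contacted about a point update.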
@@ -72,6 +76,12 @@ Ola will prepare a fix in a point update
--
+smarty (CVE-2009-1669)
+#529810
+http://groups.google.com/group/smarty-svn/browse_thread/thread/b2da2e5d1ef8b462
+
+--
+
tau (CVE-2008-5157)
#506348
notified maintainer
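Review bot: The smarty (CVE-2009-1669) entry is not mentioned in the commit message, which lists only the compiz no-dsa, the kernel issues and the verlihub removal. Mention it there, and add a status line such as `notified maintainer` below the URL, like the tau entry that follows.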
