new openjdk issue

new openssh issue doesn't affect any release
update NFU entries to differentiate between Joomla and it's addons



git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@16059 e39458fd-73e7-0310-bf30-c45bca0a0e42

1 files changed, 7 insertions, 4 deletions

diff --git a/data/CVE/list b/data/CVE/list
index 366da415e2..1814deb3d8 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,5 @@
+CVE-2011-XXXX [Legacy certificates stack disclosure]
+	- openssh <not-affected> (Only affects OpenSSH 5.6 and 5.7)
 CVE-2011-0758
 	RESERVED
 CVE-2011-0757 (IBM DB2 9.1 before FP10, 9.5 before FP6a, and 9.7 before FP2 on Linux, ...)
@@ -77,11 +79,11 @@ CVE-2011-0721
 CVE-2010-4721 (SQL injection vulnerability in news.php in Immo Makler allows remote ...)
 	NOT-FOR-US: Immo Makler
 CVE-2010-4720 (SQL injection vulnerability in the JExtensions JE Auto (com_jeauto) ...)
-	NOT-FOR-US: Joomla
+	NOT-FOR-US: Joomla JEAuto addon
 CVE-2010-4719 (Directory traversal vulnerability in JRadio (com_jradio) component ...)
-	NOT-FOR-US: Joomla
+	NOT-FOR-US: Joomla JRadio addon
 CVE-2010-4718 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
-	NOT-FOR-US: Joomla
+	NOT-FOR-US: Joomla Lyftenbloggie addon
 CVE-2011-0720
 	RESERVED
 CVE-2011-0719
@@ -615,7 +617,7 @@ CVE-2010-4698 (Stack-based buffer overflow in the GD extension in PHP before 5.2
 CVE-2010-4697 (Use-after-free vulnerability in the Zend engine in PHP before 5.2.15 ...)
 	- php5 <unfixed>
 CVE-2010-4696 (Multiple SQL injection vulnerabilities in Joomla! 1.5.x before 1.5.22 ...)
-	NOT-FOR-US: Joomla
+	NOT-FOR-US: Joomla 
 CVE-2009-5051 (Hastymail2 before RC 8 does not set the secure flag for the session ...)
 	NOT-FOR-US: Hastymail
 CVE-2011-0493 (Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha might allow ...)
@@ -2160,6 +2162,7 @@ CVE-2010-4500 (Multiple SQL injection vulnerabilities in contact.php in MRCGIGUY
 	NOT-FOR-US: MRCGIGUY FreeTicket
 CVE-2011-0025
 	RESERVED
+	- openjdk-6 6b18-1.8.5-1
 CVE-2011-0024
 	RESERVED
 CVE-2011-0023