author | Moritz Muehlenhoff <jmm@debian.org> | 2011-01-25 21:35:04 +0000 |
---|---|---|
committer | Moritz Muehlenhoff <jmm@debian.org> | 2011-01-25 21:35:04 +0000 |
commit | 4993c0ca79b60a2cef04341cc81ffce68a84610c (patch) | |
tree | fd283cba6a6c2c6aef16e29b290f92caabd04ad9 /data | |
parent | 19b058c4a693b632e30b3e3b0bfbd01a9e9d440e (diff) |
sssd NMUed
offlineimap no-dsa
filed bugs for qemu and mojarra
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@15966 e39458fd-73e7-0310-bf30-c45bca0a0e42
Diffstat (limited to 'data')
-rw-r--r-- | data/CVE/list | 26 |
-rw-r--r-- | data/spu-candidates.txt | 5 |
2 files changed, 19 insertions, 12 deletions
diff --git a/data/CVE/list b/data/CVE/list index e94522efbf..8fa78bc661 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -1017,13 +1017,13 @@ CVE-2010-4621 CVE-2010-4620 RESERVED CVE-2010-4543 (Heap-based buffer overflow in the read_channel_data function in ...) - - gimp <unfixed> (bug #608497) + - gimp <unfixed> (low; bug #608497) CVE-2010-4542 (Stack-based buffer overflow in the gfig_read_parameter_gimp_rgb ...) - - gimp <unfixed> (bug #608497) + - gimp <unfixed> (low; bug #608497) CVE-2010-4541 (Stack-based buffer overflow in the loadit function in ...) - - gimp <unfixed> (bug #608497) + - gimp <unfixed> (low; bug #608497) CVE-2010-4540 (Stack-based buffer overflow in the load_preset_response function in ...) - - gimp <unfixed> (bug #608497) + - gimp <unfixed> (low; bug #608497) CVE-2010-4619 (SQL injection vulnerability in profil.php in Mafya Oyun Scrpti (aka ...) NOT-FOR-US: Mafya Oyun Scrpti CVE-2010-4618 (Cross-site scripting (XSS) vulnerability in the Algis Info ...) 
@@ -1758,10 +1758,14 @@ CVE-2010-4534 (The administrative interface in django.contrib.admin in Django be NOTE: http://www.djangoproject.com/weblog/2010/dec/22/security/ CVE-2010-4533 [offlineimap uses SSLv2] RESERVED - - offlineimap <unfixed> (bug #606962) + - offlineimap <unfixed> (low; bug #606962) + [squeeze] - offlineimap <no-dsa> (Long-standing, documented behaviour, can be updated in spu if needed) + [lenny] - offlineimap <no-dsa> (Long-standing, documented behaviour, can be updated in spu if needed) CVE-2010-4532 [no SSL cert validation] RESERVED - - offlineimap <unfixed> (bug #603450) + - offlineimap <unfixed> (low; bug #603450) + [squeeze] - offlineimap <no-dsa> (Long-standing, documented behaviour, can be updated in spu if needed) + [lenny] - offlineimap <no-dsa> (Long-standing, documented behaviour, can be updated in spu if needed) CVE-2010-4531 (Stack-based buffer overflow in the ATRDecodeAtr function in the ...) - pcsc-lite 1.5.5-4 (low; bug #607781) CVE-2010-4530 (Signedness error in ccid_serial.c in libccid in the USB Chip/Smart ...) @@ -1898,9 +1902,8 @@ CVE-2011-0012 RESERVED CVE-2011-0011 [qemu-kvm: Setting VNC password to empty string silently disables all authentication] RESERVED - - qemu <unfixed> - - kvm <removed> - TODO: check + - qemu <unfixed> (bug #611134) + - kvm <removed> (bug #611134) CVE-2011-0010 (check.c in sudo 1.7.x before 1.7.4p5, when a Runas group is ...) - sudo 1.7.4p4-6 (bug #609641) [lenny] - sudo <not-affected> (Only affects 1.7.x) 
@@ -2345,7 +2348,7 @@ CVE-2010-4343 (drivers/scsi/bfa/bfa_core.c in the Linux kernel before 2.6.35 doe CVE-2010-4342 (The aun_incoming function in net/econet/af_econet.c in the Linux ...) - linux-2.6 2.6.32-30 CVE-2010-4341 (The pam_parse_in_data_v2 function in src/responder/pam/pamsrv_cmd.c in ...) - - sssd <unfixed> (bug #610032) + - sssd 1.2.1-4.1 (bug #610032) CVE-2010-4333 (Pointter PHP Micro-Blogging Social Network 1.8 allows remote attackers ...) NOT-FOR-US: Pointter PHP Micro-Blogging Social Network CVE-2010-4332 (Pointter PHP Content Management System 1.0 allows remote attackers to ...) @@ -8329,8 +8332,7 @@ CVE-2010-2089 (The audioop module in Python 2.7 and 3.2 does not verify the ...) CVE-2010-2088 (ASP.NET in Microsoft .NET 3.5 does not properly handle an unencrypted ...) NOT-FOR-US: Microsoft .NET CVE-2010-2087 (Oracle Mojarra 1.2_14 and 2.0.2, as used in IBM WebSphere Application ...) - - mojarra <unfixed> - TODO: check + - mojarra <unfixed> (bug #611130) CVE-2010-2086 (Apache MyFaces 1.1.7 and 1.2.8, as used in IBM WebSphere Application ...) NOT-FOR-US: Apache MyFaces CVE-2010-2085 (The default configuration of ASP.NET in Microsoft .NET before 1.1 has ...) diff --git a/data/spu-candidates.txt b/data/spu-candidates.txt index c28e277c97..3f78c8ec96 100644 --- a/data/spu-candidates.txt +++ b/data/spu-candidates.txt @@ -482,6 +482,11 @@ notified maintainer -- +offlineimap (CVE-2010-4533, CVE-2010-4532) +#606962 + +-- + openldap #253838 notified maintainer |
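Review bot: The four gimp entries in the data/CVE/list hunk at @@ -1017 (CVE-2010-4540 through CVE-2010-4543) gain a `low` urgency with no NOTE giving the reasoning, and the commit message does not mention gimp at all. The descriptions are heap-based and stack-based buffer overflows, so a one-line NOTE under the entries saying why they are rated low, or a line in the commit message, would let a later reader audit the rating without having to open bug #608497.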
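Review bot: In the data/CVE/list hunk at @@ -1758, the added `[squeeze]` and `[lenny]` lines for CVE-2010-4533 (SSLv2) and CVE-2010-4532 (no SSL cert validation) all carry the same justification, "Long-standing, documented behaviour", without saying where it is documented. These are two distinct issues tracked under two bugs (#606962 and #603450), so please add a NOTE under each entry pointing at the documentation the no-dsa reason relies on, and confirm the wording fits the missing certificate validation as well as the SSLv2 use.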
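Review bot: In the CVE-2011-0011 hunk at @@ -1898, bug #611134 is attached to both `- qemu <unfixed>` and `- kvm <removed>`, while the commit message only says a bug was filed for qemu. If #611134 is against qemu alone, drop the reference from the `kvm <removed>` line so the entry does not suggest an open bug on a removed package. The hunk also deletes `TODO: check` without setting an urgency on the qemu line, unlike the gimp and offlineimap lines changed in this same commit; if the urgency is still undecided, keeping a TODO that says so would make that explicit.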
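Review bot: The new offlineimap block in data/spu-candidates.txt names CVE-2010-4533 and CVE-2010-4532 but lists only `#606962`; in data/CVE/list, CVE-2010-4532 is tracked under bug #603450, so that number should appear here too. The neighbouring entries visible in the context carry a status line (`notified maintainer`), which the new entry lacks; add one once the maintainer has been contacted, or note that it is still pending.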