diff options
author | Moritz Muehlenhoff <jmm@debian.org> | 2011-01-25 21:49:15 +0000 |
---|---|---|
committer | Moritz Muehlenhoff <jmm@debian.org> | 2011-01-25 21:49:15 +0000 |
commit | 5c511e8571dafb019f7e6b16d7213a5613c27290 (patch) | |
tree | 8c45b365b79ba8e47855d402c7f779e4e8dad4b9 /data | |
parent | 4993c0ca79b60a2cef04341cc81ffce68a84610c (diff) |
NFUs
new minor pam issues
two ffmpeg issues (probably related to CVE-2010-0480)
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@15967 e39458fd-73e7-0310-bf30-c45bca0a0e42
Diffstat (limited to 'data')
-rw-r--r-- | data/CVE/list | 28 | ||||
-rw-r--r-- | data/spu-candidates.txt | 2 |
2 files changed, 20 insertions, 10 deletions
diff --git a/data/CVE/list b/data/CVE/list index 8fa78bc661..8c53617299 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -1,25 +1,33 @@ CVE-2011-0640 (The default configuration of udev on Linux does not warn the user ...) TODO: check CVE-2011-0639 (Apple Mac OS X does not properly warn the user before enabling ...) - TODO: check + NOT-FOR-US: Mac OS X CVE-2011-0638 (Microsoft Windows does not properly warn the user before enabling ...) - TODO: check + NOT-FOR-US: Microsoft Windows CVE-2011-0637 (The FC SCSI protocol driver in IBM AIX 6.1 does not verify that a ...) - TODO: check + NOT-FOR-US: AIX CVE-2011-0636 (The (1) cudaHostAlloc and (2) cuMemHostAlloc functions in the NVIDIA ...) - TODO: check + NOT-FOR-US: NVIDIA CUDA Toolkit CVE-2011-0635 (Static code injection vulnerability in Simploo CMS 1.7.1 and earlier ...) - TODO: check + NOT-FOR-US: Simploo CVE-2010-4708 (The pam_env module in Linux-PAM (aka pam) 1.1.2 and earlier reads the ...) - TODO: check + - pam <unfixed> + [lenny] - pam <no-dsa> (Minor issue) + [squeeze] - pam <no-dsa> (Minor issue) CVE-2010-4707 (The check_acl function in pam_xauth.c in the pam_xauth module in ...) - TODO: check + - pam <unfixed> + [lenny] - pam <no-dsa> (Minor issue) + [squeeze] - pam <no-dsa> (Minor issue) CVE-2010-4706 (The pam_sm_close_session function in pam_xauth.c in the pam_xauth ...) - TODO: check + - pam <unfixed> + [lenny] - pam <no-dsa> (Minor issue) + [squeeze] - pam <no-dsa> (Minor issue) CVE-2010-4705 (Integer overflow in the vorbis_residue_decode_internal function in ...) - TODO: check + - ffmpeg <unfixed> (bug #610550) + - ffmpeg-debian <removed> CVE-2010-4704 (libavcodec/vorbis_dec.c in the Vorbis decoder in FFmpeg 0.6.1 and ...) - TODO: check + - ffmpeg <unfixed> (bug #610550) + - ffmpeg-debian <removed> CVE-2011-XXXX [xmlTextWriterWriteAttribute heap disclosure] - libxml2 <unfixed> NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=631551 diff --git a/data/spu-candidates.txt b/data/spu-candidates.txt index 3f78c8ec96..3ce08ddd67 100644 --- a/data/spu-candidates.txt +++ b/data/spu-candidates.txt @@ -508,6 +508,8 @@ pam (CVE-2009-0579) #514437 asked maintainer in mail +CVE-2010-4708/CVE-2010-4707/CVE-2010-4706 + -- pidgin (CVE-2009-1889, CVE-2009-3085) |