diff options
author | Giuseppe Iuculano <giuseppe@iuculano.it> | 2010-03-28 21:39:25 +0000 |
---|---|---|
committer | Giuseppe Iuculano <giuseppe@iuculano.it> | 2010-03-28 21:39:25 +0000 |
commit | ab5d76cceb70b2b20c2f089343ef03140432e21d (patch) | |
tree | 9f67fb0cdc09abfdb3a0dde51e8cd56eeadaba89 /data | |
parent | fece3d780d0d0a1f2dc5a87861bd618c1c862e58 (diff) |
filed some bugs
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@14347 e39458fd-73e7-0310-bf30-c45bca0a0e42
Diffstat (limited to 'data')
-rw-r--r-- | data/CVE/list | 14 | ||||
-rw-r--r-- | data/problematic-packages | 4 |
2 files changed, 11 insertions, 7 deletions
diff --git a/data/CVE/list b/data/CVE/list index 598dfee9c1..14c8cb4003 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -1395,7 +1395,7 @@ CVE-2010-0634 (Unspecified vulnerability in Fast Lexical Analyzer Generator (fle CVE-2010-0629 RESERVED CVE-2010-0628 (The spnego_gss_accept_sec_context function in ...) - - krb5 <unfixed> + - krb5 <unfixed> (bug #575740) [lenny] - krb5 <not-affected> (Only affects 1.7/1.8) CVE-2010-XXXX [CouchDB: browser interface has XSS, CSRF issues] - couchdb <unfixed> (bug #570013) @@ -2365,7 +2365,7 @@ CVE-2010-0309 (The pit_ioport_read function in the Programmable Interval Timer ( CVE-2010-0308 (lib/rfc1035.c in Squid 2.x, 3.0 through 3.0.STABLE22, and 3.1 through ...) {DSA-1991-1} - squid 2.7.STABLE8-1 - - squid3 <unfixed> + - squid3 <unfixed> (bug #575747) CVE-2010-0307 (The load_elf_binary function in fs/binfmt_elf.c in the Linux kernel ...) {DSA-1996-1} - linux-2.6 2.6.32-8 @@ -2467,7 +2467,7 @@ CVE-2010-0282 CVE-2010-0281 RESERVED CVE-2010-0280 (Array index error in Jan Eric Kyprianidis lib3ds 1.x, as used in ...) - - lib3ds <unfixed> (low) + - lib3ds <unfixed> (low; bug #575741) [lenny] - lib3ds <no-dsa> (Minor issue) [etch] - lib3ds <no-dsa> (Minor issue) NOTE: http://www.coresecurity.com/content/google-sketchup-vulnerability @@ -3103,7 +3103,7 @@ CVE-2009-4499 (SQL injection vulnerability in the get_history_lastid function in CVE-2009-4498 (The node_process_command function in Zabbix Server before 1.8 allows ...) - zabbix 1:1.8-1 (bug #562613) CVE-2009-4497 (Cross-site scripting (XSS) vulnerability in LXR Cross Referencer 0.9.5 ...) - - lxr-cvs <unfixed> + - lxr-cvs <unfixed> (bug #575745) NOTE: http://sourceforge.net/mailarchive/forum.php?thread_name=E1NS2s4-0001PE-F2@3bkjzd1.ch3.sourceforge.com&forum_name=lxr-developer CVE-2009-4496 (Boa 0.94.14rc21 writes data to a log file without sanitizing ...) - boa <unfixed> (unimportant) @@ -4676,10 +4676,10 @@ CVE-2009-3998 CVE-2009-3997 (Integer overflow in IN_MOD.DLL (aka the Module Decoder Plug-in) in ...) NOT-FOR-US: winamp CVE-2009-3996 (Heap-based buffer overflow in IN_MOD.DLL (aka the Module Decoder ...) - - libmikmod <unfixed> + - libmikmod <unfixed> (bug #575742) NOTE: http://secunia.com/secunia_research/2009-55/ CVE-2009-3995 (Multiple heap-based buffer overflows in IN_MOD.DLL (aka the Module ...) - - libmikmod <unfixed> + - libmikmod <unfixed> (bug #575742) NOTE: http://secunia.com/secunia_research/2009-55/ CVE-2009-3994 (Stack-based buffer overflow in the GetUID function in ...) - devil 1.7.8-6 (low; bug #560080) @@ -6475,7 +6475,7 @@ CVE-2009-3389 (Integer overflow in libtheora in Xiph.Org Theora before 1.1, as u [etch] - xulrunner <end-of-life> (Mozilla packages from oldstable no longer covered by security support) [lenny] - xulrunner <not-affected> (Video playback capabilities were added in 3.5) CVE-2009-3388 (liboggplay in Mozilla Firefox 3.5.x before 3.5.6 and SeaMonkey before ...) - - liboggplay <unfixed> + - liboggplay <unfixed> (bug #575743) - xulrunner 1.9.1.6-1 [etch] - xulrunner <end-of-life> (Mozilla packages from oldstable no longer covered by security support) [lenny] - xulrunner <not-affected> (Video playback capabilities were added in 3.5) diff --git a/data/problematic-packages b/data/problematic-packages index dd8acb5ac8..d858d75c21 100644 --- a/data/problematic-packages +++ b/data/problematic-packages @@ -46,3 +46,7 @@ Removed from squeeze, no maintainer response in more than three months. polipo (Dec 2009) maintainer seems inactive +--- + +libmikmod (Mar 2010) +maintainer seems MIA, latest upload in 2004 |