- new pimd issue

- mark two minor games priv esc as unimportant - debian's mono not affected by moonlight issue - libgd/wmf only used to write images - libgd/plt-scheme no-dsa - dhcp issue doesn't affect any Debian release - filed bugs for xen and evince issues - ftpcopy no-dsa - split calibre into two IDs, both fixed in sid git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@15825 e39458fd-73e7-0310-bf30-c45bca0a0e42
author: Moritz Muehlenhoff <jmm@debian.org> 2011-01-10 17:31:36 +0000
committer: Moritz Muehlenhoff <jmm@debian.org> 2011-01-10 17:31:36 +0000
commit: ef6cc9a01a4b3b9a7a367bd17c84f708bc12fc2e (patch)
tree: 1377c12297297e04b806a5ecf42ef56cc129f2c9 /data
parent: 5f120424cd4e97c0c80f373d290acd0c0b9d445f (diff)
2 files changed, 44 insertions, 30 deletions
diff --git a/data/CVE/list b/data/CVE/list
index b63207c53c..c8c59feb3b 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -7,11 +7,11 @@ CVE-2010-4645 [php5 DoS via strtod hitting x87 unit bug]
 	[lenny] - php5 <unfixed> (high)
 	NOTE: lenny9 doesn't appear to be affected, for a reason still unknown
 CVE-2011-XXXX [Crash with long HOME environment variable]
-	- toppler <unfixed> (bug #608979)
-	TODO: check
+	- toppler <unfixed> (unimportant; bug #608979)
+	NOTE: Negligable privilege escalation
 CVE-2011-XXXX [Crash with long HOME environment variable]
-	- lbreakout2 <unfixed> (bug #608980)
-	TODO: check
+	- lbreakout2 <unfixed> (unimportant; bug #608980)
+	NOTE: Negligable privilege escalation
 CVE-2011-XXXX [Crash with long GGI_DISPLAY environment variable]
 	- zhcon <unfixed> (bug #608981)
 	TODO: check
@@ -20,6 +20,8 @@ CVE-2011-0343 [syslog-ng log permissions]
 	[lenny] - syslog-ng <not-affected> (Freebsd-specific, which is not supported in Lenny)
 CVE-2010-XXXX [XSS in ftpls]
 	- ftpcopy <unfixed> (bug #607494)
+	[squeeze] - ftpcopy <no-dsa> (Minor issue)
+	[lenny] - ftpcopy <no-dsa> (Minor issue)
 CVE-2011-0285
 	RESERVED
 CVE-2011-0284
@@ -749,8 +751,11 @@ CVE-2010-4580 (Opera before 11.00 does not clear WAP WML form fields after manua
 	NOT-FOR-US: Opera
 CVE-2010-4579 (Opera before 11.00 does not properly constrain dialogs to appear on ...)
 	NOT-FOR-US: Opera
-CVE-2010-XXXX [calibre XSS and file disclosure]
-	- calibre <unfixed> (bug #608822)
+CVE-2010-XXXX [calibre XSS]
+	- calibre 0.7.38+dfsg-1 (bug #608822)
+	NOTE: http://www.waraxe.us/advisory-77.html
+CVE-2010-XXXX [calibre file disclosure]
+	- calibre 0.7.38+dfsg-1 (bug #608822)
 	NOTE: http://www.waraxe.us/advisory-77.html
 CVE-2010-XXXX [webkit info leak]
 	- webkit <unfixed> (low)
@@ -1019,6 +1024,7 @@ CVE-2011-0008
 	RESERVED
 CVE-2011-0007
 	RESERVED
+	- pimd 2.1.6-1 (bug #609304)
 CVE-2011-0006
 	RESERVED
 	- linux-2.6 2.6.32-30
@@ -1484,8 +1490,8 @@ CVE-2010-4314
 CVE-2010-4313 (Unrestricted file upload vulnerability in fileman_file_upload.php in ...)
 	NOT-FOR-US: Orbis CMS
 CVE-2010-4312 (The default configuration of Apache Tomcat 6.x does not include the ...)
-	- tomcat6 <unfixed> (bug #608286)
-	NOTE: CVE Description seems incomplete as there's also an XSS issue.
+	- tomcat6 <unfixed> (unimportant; bug #608286)
+	NOTE: S
 CVE-2010-4311 (Free Simple Software 1.0 stores passwords in cleartext, which allows ...)
 	NOT-FOR-US: Free Simple Software
 CVE-2010-4310
@@ -1649,9 +1655,9 @@ CVE-2010-4256 [linux: pipe_fcntl local DoS]
 	- linux-2.6 <unfixed>
 CVE-2010-4255 [linux: Xen direct pv guest access crash]
 	RESERVED
-	- xen <unfixed>
+	- xen <unfixed> (bug #609531)
 CVE-2010-4254 (Mono, when Moonlight before 2.3.0.1 or 2.99.x before 2.99.0.10 is ...)
-	- moon <unfixed> (bug #608288)
+	- moon <not-affected> (Debian's version of Moonlight is not affected, see #608288)
 CVE-2010-4253
 	RESERVED
 CVE-2010-4252 (OpenSSL before 1.0.0c, when J-PAKE is enabled, does not properly ...)
@@ -3286,11 +3292,9 @@ CVE-2010-3618 (PGP Desktop 10.0.x before 10.0.3 SP2 and 10.1.0 before 10.1.0 SP1
 CVE-2010-3617
 	RESERVED
 CVE-2010-3616 (ISC DHCP server 4.2 before 4.2.0-P2, when configured to use failover ...)
-	- iscp-dhcp <unfixed>
-	- dhcp3 <removed>
-	- dhcp <removed>
-	TODO: check
-	NOTE: probably doesn't affect squeeze: https://lists.isc.org/pipermail/dhcp-users/2010-December/012368.html
+	- isc-dhcp <not-affected> (Only affects 4.2.x)
+	- dhcp3 <not-affected> (Only affects 4.2.x)
+	- dhcp <not-affected> (Only affects 4.2.x)
 CVE-2010-3615 (named in ISC BIND 9.7.2-P2 does not check all intended locations for ...)
 	- bind9 1:9.7.2.dfsg.P3-1 (bug #605876)
 	NOTE: http://ftp.isc.org/isc/bind9/9.7.2-P3/RELEASE-NOTES-BIND-9.7.2-P3.html
@@ -6043,16 +6047,16 @@ CVE-2010-2644 (IBM WebSphere Service Registry and Repository (WSRR) 7.0.0 before
 	NOT-FOR-US: IBM WebSphere Service Registry and Repository
 CVE-2010-2643
 	RESERVED
-	- evince <unfixed>
+	- evince <unfixed> (bug #609534)
 CVE-2010-2642
 	RESERVED
-	- evince <unfixed>
+	- evince <unfixed> (bug #609534)
 CVE-2010-2641
 	RESERVED
-	- evince <unfixed>
+	- evince <unfixed> (bug #609534)
 CVE-2010-2640
 	RESERVED
-	- evince <unfixed>
+	- evince <unfixed> (bug #609534)
 CVE-2010-2639 (IBM WebSphere Commerce Enterprise 7.0 before 7.0.0.2 allows remote ...)
 	NOT-FOR-US: IBM WebSphere Commerce Enterprise 7.0
 CVE-2010-2638 (Unspecified vulnerability in IBM WebSphere MQ 7.0 before 7.0.1.5 ...)
@@ -16795,8 +16799,10 @@ CVE-2009-3547 (Multiple race conditions in fs/pipe.c in the Linux kernel before
 	- linux-2.6.24 <removed> (high)
 CVE-2009-3546 (The _gdGetColors function in gd_gd.c in PHP 5.2.11 and 5.3.x before ...)
 	{DSA-1936-1}
-	- libwmf <unfixed>
-	- plt-scheme <unfixed>
+	- libwmf <unfixed>  (unimportant)
+	- plt-scheme <unfixed> (low; bug #601525)
+	[squeeze] - plt-scheme <no-dsa> (Only present in one of the sample packages (plot)
+	[lenny] - plt-scheme <no-dsa> (Only present in one of the sample packages (plot)
 	- graphviz <unfixed>
 	- libgd2 2.0.36~rc1~dfsg-3.1 (medium; bug #552534)
 	- php5 <not-affected> (the php packages use the system libgd2)
@@ -48802,8 +48808,10 @@ CVE-2007-4893 (wp-admin/admin-functions.php in Wordpress before 2.2.3 and Wordpr
 CVE-2007-4892 (Multiple SQL injection vulnerabilities in SWSoft Plesk 7.6.1, 8.1.0, ...)
 	NOT-FOR-US: Plesk (Windows)
 CVE-2007-XXXX [libgd2: gdImageColorTransparent can write outside buffer]
-	- libwmf <unfixed>
-	- plt-scheme <unfixed>
+	- libwmf <unfixed>  (unimportant)
+	- plt-scheme <unfixed> (low; bug #601525)
+	[squeeze] - plt-scheme <no-dsa> (Only present in one of the sample packages (plot)
+	[lenny] - plt-scheme <no-dsa> (Only present in one of the sample packages (plot)
 	- graphviz <unfixed>
 	- libgd2 2.0.35.dfsg-3
 	[etch] - libgd2 2.0.33-5.2etch1 
@@ -50952,8 +50960,10 @@ CVE-2007-3997 (The (1) MySQL and (2) MySQLi extensions in PHP 4 before 4.4.8, an
 CVE-2007-3996 (Multiple integer overflows in libgd in PHP before 5.2.4 allow remote ...)
 	{DSA-1613-1}
 	- libgd2 2.0.35.dfsg-1 (bug #443456; medium)
-	- libwmf <unfixed>
-	- plt-scheme <unfixed>
+	- libwmf <unfixed> (unimportant)
+	- plt-scheme <unfixed> (low; bug #601525)
+	[squeeze] - plt-scheme <no-dsa> (Only present in one of the sample packages (plot)
+	[lenny] - plt-scheme <no-dsa> (Only present in one of the sample packages (plot)
 	- graphviz <unfixed>
 	NOTE: Debian's PHP packages are linked dynamically against libgd
 	NOTE: see http://www.php.net/releases/5_2_4.php
@@ -52220,16 +52230,20 @@ CVE-2007-3478 (Race condition in gdImageStringFTEx (gdft_draw_bitmap) in gdft.c
 CVE-2007-3477 (The (a) imagearc and (b) imagefilledarc functions in GD Graphics ...)
 	{DSA-1613-1}
 	- libgd2 2.0.35.dfsg-1 (low)
-	- libwmf <unfixed>
-	- plt-scheme <unfixed>
+	- libwmf <unfixed>  (unimportant)
+	- plt-scheme <unfixed> (low; bug #601525)
+	[squeeze] - plt-scheme <no-dsa> (Only present in one of the sample packages (plot)
+	[lenny] - plt-scheme <no-dsa> (Only present in one of the sample packages (plot)
 	- graphviz <unfixed>
 	NOTE: CPU consumption DoS
 	TODO: check
 CVE-2007-3476 (Array index error in gd_gif_in.c in the GD Graphics Library (libgd) ...)
 	{DSA-1613-1}
 	- libgd2 2.0.35.dfsg-1 (low)
-	- libwmf <unfixed>
-	- plt-scheme <unfixed>
+	- libwmf <unfixed> (unimportant)
+	- plt-scheme <unfixed> (low; bug #601525)
+	[squeeze] - plt-scheme <no-dsa> (Only present in one of the sample packages (plot)
+	[lenny] - plt-scheme <no-dsa> (Only present in one of the sample packages (plot)
 	- graphviz <unfixed>
 	NOTE: can write a 0 to a 4k window in heap, very unlikely to be controllable.
 	TODO: check
diff --git a/data/embedded-code-copies b/data/embedded-code-copies
index 225930c96b..9a22cd5627 100644
--- a/data/embedded-code-copies
+++ b/data/embedded-code-copies
@@ -581,7 +581,7 @@ libgd2
 	NOTE: lib/gd seems to be 2.0.33
 	- wml 2.0.11ds2-1 (embed)
 	- libwmf <unfixed> (embed)
-	NOTE: derived from gd 1.6.3
+	NOTE: derived from gd 1.6.3, but only used to write images
 	- plt-scheme <unfixed> (embed; bug #601525)
         - texlive-bin 2009-1 (embed)
author	Moritz Muehlenhoff <jmm@debian.org>	2011-01-10 17:31:36 +0000
committer	Moritz Muehlenhoff <jmm@debian.org>	2011-01-10 17:31:36 +0000
commit	ef6cc9a01a4b3b9a7a367bd17c84f708bc12fc2e (patch)
tree	1377c12297297e04b806a5ecf42ef56cc129f2c9 /data
parent	5f120424cd4e97c0c80f373d290acd0c0b9d445f (diff)