[Secure-testing-commits] r13332 - data/CVE

Fri, 20 Nov 2009 14:56:33 -0800 

Author: geissert
Date: 2009-11-20 22:56:26 +0000 (Fri, 20 Nov 2009)
New Revision: 13332

Modified:
   data/CVE/list
Log:
new linux and xulrunner issues, 2 NFUs, one linux issue CVEified


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2009-11-20 21:14:22 UTC (rev 13331)
+++ data/CVE/list       2009-11-20 22:56:26 UTC (rev 13332)
@@ -21,9 +21,9 @@
 CVE-2009-4006 (Stack-based buffer overflow in the TEA decoding algorithm in 
RhinoSoft ...)
        TODO: check
 CVE-2009-4005 (The collect_rx_frame function in drivers/isdn/hisax/hfc_usb.c 
in the ...)
+       - linux-2.6 <unfixed>
+       - linux-2.6.24 <removed>
        TODO: check
-CVE-2009-4004 (Buffer overflow in the kvm_vcpu_ioctl_x86_setup_mce function in 
...)
-       TODO: check
 CVE-2009-4003
        RESERVED
 CVE-2009-4002
@@ -75,6 +75,7 @@
 CVE-2009-3979
        RESERVED
 CVE-2009-3978 (The nsGIFDecoder2::GifWrite function in 
decoders/gif/nsGIFDecoder2.cpp ...)
+       - xulrunner <unfixed>
        TODO: check
 CVE-2009-3977 (Multiple buffer overflows in a certain ActiveX control in ...)
        TODO: check
@@ -181,7 +182,7 @@
 CVE-2009-3939 (The poll_mode_io file for the megaraid_sas driver in the Linux 
kernel ...)
        - linux-2.6 <unfixed> (low)
        - linux-2.6.24 <removed> (low)
-CVE-2009-XXXX [kernel memory corruption in kvm_vcpu_ioctl_x86_setup_mce]
+CVE-2009-4004 [kernel memory corruption in kvm_vcpu_ioctl_x86_setup_mce]
        - linux-2.6 <unfixed>
        [etch] - linux-2.6 <not-affected> (kvm introduced in 2.6.25)
        - linux-2.6.24 <not-affected> (kvm introduced in 2.6.25)
@@ -403,9 +404,9 @@
 CVE-2009-3842
        RESERVED
 CVE-2009-3841 (Unspecified vulnerability in HP Discovery &amp; Dependency 
Mapping ...)
-       TODO: check
+       NOT-FOR-US: HP Discovery & Dependency Mapping
 CVE-2009-3840 (The embedded database engine service (aka ovdbrun.exe) in HP 
OpenView ...)
-       TODO: check
+       NOT-FOR-US: HP OpenView
 CVE-2009-3839 (Unspecified vulnerability in the Solaris Trusted Extensions 
Policy ...)
        NOT-FOR-US: Sun Solaris
 CVE-2009-3838 (Stack-based buffer overflow in Pegasus Mail (PMail) 4.41 and 
possibly ...)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

Reply via email to