[Secure-testing-commits] r13671 - in data: CVE packages

Raphael Geissert Mon, 28 Dec 2009 21:50:58 -0800

Author: geissert
Date: 2009-12-29 05:50:43 +0000 (Tue, 29 Dec 2009)
New Revision: 13671


Modified:
   data/CVE/list
   data/packages/new-packages
Log:
Two ITPs, one NEW package, NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2009-12-28 21:14:20 UTC (rev 13670)
+++ data/CVE/list       2009-12-29 05:50:43 UTC (rev 13671)
@@ -865,6 +865,7 @@
 CVE-2009-4141
        RESERVED
 CVE-2009-4140 (Unrestricted file upload vulnerability in ofc_upload_image.php 
in Open ...)
+       - piwik <itp> (bug #506933)
        TODO: check
 CVE-2009-4139
        RESERVED
@@ -886,6 +887,7 @@
 CVE-2009-4134
        RESERVED
 CVE-2009-4133 (Condor 6.5.4 through 7.2.4, 7.3.x, and 7.4.0, as used in MRG, 
Grid for ...)
+       - condor <itp> (bug #233482)
        TODO: check
 CVE-2009-4132
        REJECTED
@@ -1760,25 +1762,25 @@
        NOTE: but the "fixes" linked from the advisory only change code in 
kdelibs
        NOTE: more info at oss-sec threads
 CVE-2009-3800 (Multiple unspecified vulnerabilities in Adobe Flash Player 
before ...)
-       TODO: check
+       NOT-FOR-US: Adobe Flash Player
 CVE-2009-3799 (Integer overflow in the Verifier::parseExceptionHandlers 
function in ...)
-       TODO: check
+       NOT-FOR-US: Adobe Flash Player
 CVE-2009-3798 (Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 
might ...)
-       TODO: check
+       NOT-FOR-US: Adobe Flash Player
 CVE-2009-3797 (Adobe Flash Player 10.x before 10.0.42.34 and Adobe AIR before 
1.5.3 ...)
-       TODO: check
+       NOT-FOR-US: Adobe Flash Player
 CVE-2009-3796 (Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 
might ...)
-       TODO: check
+       NOT-FOR-US: Adobe Flash Player
 CVE-2009-3795
        RESERVED
 CVE-2009-3794 (Heap-based buffer overflow in Adobe Flash Player before 
10.0.42.34 and ...)
-       TODO: check
+       NOT-FOR-US: Adobe Flash Player
 CVE-2009-3793
        RESERVED
 CVE-2009-3792 (Directory traversal vulnerability in Adobe Flash Media Server 
(FMS) ...)
-       TODO: check
+       NOT-FOR-US: Adobe Flash Media Server
 CVE-2009-3791 (Unspecified vulnerability in Adobe Flash Media Server (FMS) 
before ...)
-       TODO: check
+       NOT-FOR-US: Adobe Flash Media Server
 CVE-2009-3790 (Heap-based buffer overflow in FormMax (formerly AcroForm) 
evaluation ...)
        NOT-FOR-US: FormMax
 CVE-2009-3789 (Multiple cross-site scripting (XSS) vulnerabilities in 
OpenDocMan ...)
@@ -4915,17 +4917,17 @@
        [lenny] - burn 0.4.3-2.1+lenny1
        [etch] - burn <no-dsa> (Minor issue)
 CVE-2009-2880 (Buffer overflow in atrpui.dll in the Cisco WebEx WRF Player 
26.x ...)
-       TODO: check
+       NOT-FOR-US: Cisco WebEx WRF Player
 CVE-2009-2879 (Heap-based buffer overflow in atas32.dll in the Cisco WebEx WRF 
Player ...)
-       TODO: check
+       NOT-FOR-US: Cisco WebEx WRF Player
 CVE-2009-2878 (Heap-based buffer overflow in atas32.dll in the Cisco WebEx WRF 
Player ...)
-       TODO: check
+       NOT-FOR-US: Cisco WebEx WRF Player
 CVE-2009-2877 (Stack-based buffer overflow in ataudio.dll in the Cisco WebEx 
WRF ...)
-       TODO: check
+       NOT-FOR-US: Cisco WebEx WRF Player
 CVE-2009-2876 (Heap-based buffer overflow in atas32.dll in the Cisco WebEx WRF 
Player ...)
-       TODO: check
+       NOT-FOR-US: Cisco WebEx WRF Player
 CVE-2009-2875 (Buffer overflow in atas32.dll in the Cisco WebEx WRF Player 
26.x ...)
-       TODO: check
+       NOT-FOR-US: Cisco WebEx WRF Player
 CVE-2009-2874 (The TimesTenD process in Cisco Unified Presence 1.x, 6.x before 
...)
        NOT-FOR-US: Cisco Unified Presence
 CVE-2009-2873 (Cisco IOS 12.0 through 12.4, when IP-based tunnels and the 
Cisco ...)
@@ -40801,9 +40803,9 @@
 CVE-2007-2282 (Cisco Network Services (CNS) NetFlow Collection Engine (NFC) 
before ...)
        NOT-FOR-US: Cisco
 CVE-2007-2281 (Integer overflow in the _ncp32._NtrpTCPReceiveMsg function in 
rds.exe ...)
-       TODO: check
+       NOT-FOR-US: HP OpenView Storage Data Protector 
 CVE-2007-2280 (Stack-based buffer overflow in OmniInet.exe (aka the backup 
client ...)
-       TODO: check
+       NOT-FOR-US: HP OpenView Storage Data Protector
 CVE-2007-2279 (The Scheduler Service (VxSchedService.exe) in Symantec Storage 
...)
        NOT-FOR-US: Symantec
 CVE-2007-2278 (Multiple PHP remote file inclusion vulnerabilities in 
DCP-Portal 6.1.1 ...)

Modified: data/packages/new-packages
===================================================================
--- data/packages/new-packages  2009-12-28 21:14:20 UTC (rev 13670)
+++ data/packages/new-packages  2009-12-29 05:50:43 UTC (rev 13671)
@@ -123,3 +123,4 @@
 uanytun
 xblast-tnt
 xblast-tnt-sounds
+dnsjava


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r13671 - in data: CVE packages

Reply via email to