Author: jmm-guest
Date: 2010-06-09 21:26:56 +0000 (Wed, 09 Jun 2010)
New Revision: 14838

Modified:
   data/CVE/list
Log:
rpm CVEfied
historic dpkg issue


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2010-06-09 21:23:22 UTC (rev 14837)
+++ data/CVE/list       2010-06-09 21:26:56 UTC (rev 14838)
@@ -41,15 +41,18 @@
 CVE-2010-2200
        RESERVED
 CVE-2010-2199 (lib/fsm.c in RPM 4.8.0 and earlier does not properly reset the 
...)
-       TODO: check
+       - rpm <unfixed> (bug #584257; unimportant)
+       NOTE: Marking as unimportant since rpm isn't used as a package manager
 CVE-2010-2198 (lib/fsm.c in RPM 4.8.0 and earlier does not properly reset the 
...)
-       TODO: check
+       - rpm <unfixed> (bug #584257; unimportant)
+       NOTE: Marking as unimportant since rpm isn't used as a package manager
 CVE-2010-2197 (rpmbuild in RPM 4.8.0 and earlier does not properly parse the 
syntax ...)
        TODO: check
 CVE-2005-4889 (lib/fsm.c in RPM before 4.4.3 does not properly reset the 
metadata of ...)
-       TODO: check
+       - rpm 4.7.0-1 (bug #584257; unimportant)
+       NOTE: Marking as unimportant since rpm isn't used as a package manager
 CVE-2004-2768 (dpkg 1.9.21 does not properly reset the metadata of a file 
during ...)
-       TODO: check
+       - dpkg 1.10.19 (bug #225692)
 CVE-2010-2196
        RESERVED
 CVE-2010-2195
@@ -229,9 +232,6 @@
        - eglibc 2.11.1-1 (unimportant)
        - glibc <removed>
        NOTE: 
http://sourceware.org/git/?p=glibc.git;a=commit;h=199eb0de8d673fb23aa127721054b4f1803d61f3
-CVE-2010-XXXX [rpm setuid handling]
-       - rpm <unfixed> (bug #584257; unimportant)
-       NOTE: Marking as unimportant since rpm isn't used as a package manager
 CVE-2010-2116 (The web interface in McAfee Email Gateway (formerly IronMail) 
6.7.1 ...)
        NOT-FOR-US: McAfee Email Gateway
 CVE-2010-2115 (SolarWinds TFTP Server 10.4.0.10 allows remote attackers to 
cause a ...)


_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

Reply via email to