[Secure-testing-commits] r15426 - data/CVE

Joey Hess Tue, 05 Oct 2010 14:15:46 -0700

Author: joeyh
Date: 2010-10-05 21:14:59 +0000 (Tue, 05 Oct 2010)
New Revision: 15426


Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2010-10-05 09:36:37 UTC (rev 15425)
+++ data/CVE/list       2010-10-05 21:14:59 UTC (rev 15426)
@@ -683,8 +683,7 @@
        RESERVED
        - quassel 0.7.1-1 (bug #597853)
        NOTE: https://bugs.launchpad.net/ubuntu/+source/quassel/+bug/629774
-CVE-2010-3442 [heap corruption in snd_ctl_new]
-       RESERVED
+CVE-2010-3442 (Multiple integer overflows in the snd_ctl_new function in ...)
        - linux-2.6 <unfixed>
        NOTE: 
http://git.kernel.org/?p=linux/kernel/git/tiwai/sound-2.6.git;a=commitdiff;h=5591bf07225523600450edd9e6ad258bb877b779
 CVE-2010-3441
@@ -702,8 +701,7 @@
        RESERVED
        - libpoe-component-irc-perl 6.32+dfsg-1
        [lenny] - libpoe-component-irc-perl 5.84+dfsg-1+lenny1 (bug #581194)
-CVE-2010-3437 [linux pktcdvd ioctl dev_minor missing range check]
-       RESERVED
+CVE-2010-3437 (Integer signedness error in the pkt_find_dev_from_minor 
function in ...)
        - linux-2.6 <unfixed>
 CVE-2010-3436 [open_basedir bypass]
        RESERVED
@@ -913,8 +911,7 @@
        RESERVED
        - qtparted 0.4.5-8 (low; bug #598301)
        [lenny] - qtparted <no-dsa> (Minor issue)
-CVE-2010-3374
-       RESERVED
+CVE-2010-3374 (Qt Creator before 2.0.1 places a zero-length directory name in 
the ...)
        - qtcreator <unfixed> (bug #598300)
 CVE-2010-3373
        RESERVED
@@ -1059,8 +1056,7 @@
        TODO: check
        NOTE: partial fix 
http://git.altlinux.org/people/ldv/packages/?p=pam.git;a=commitdiff;h=06f882f30092a39a1db867c9744b2ca8d60e4ad6
        NOTE: see [email protected]
-CVE-2010-3315
-       RESERVED
+CVE-2010-3315 (authz.c in the mod_dav_svn module for the Apache HTTP Server, 
as ...)
        - subversion 1.6.12dfsg-2 (low)
 CVE-2010-3314 (Cross-site scripting (XSS) vulnerability in login.php in 
EGroupware ...)
        {DSA-2013-1}
@@ -4989,8 +4985,8 @@
 CVE-2010-1823 (Use-after-free vulnerability in WebKit before r65958, as used 
in ...)
        - webkit <undetermined>
        - chromium-browser <undetermined>
-CVE-2010-1822
-       RESERVED
+CVE-2010-1822 (WebKit, as used in Google Chrome before 6.0.472.62, does not 
properly ...)
+       TODO: check
 CVE-2010-1821
        RESERVED
 CVE-2010-1820 (Apple Filing Protocol (AFP) Server in Apple Mac OS X 10.6.x 
through ...)
@@ -5588,8 +5584,7 @@
        - pidgin 2.7.0-1 (low)
        [lenny] - pidgin 2.4.3-4lenny6
        NOTE: MSN support was disabled in 2.4.3-4lenny6
-CVE-2010-1623 [DoS through mem usage]
-       RESERVED
+CVE-2010-1623 (The apr_brigade_split_line function in buckets/apr_brigade.c in 
the ...)
        {DSA-2117-1}
        - apr-util 1.3.9+dfsg-4 (medium)
 CVE-2010-1622 (SpringSource Spring Framework 2.5.x before 2.5.6.SEC02, 2.5.7 
before ...)


_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r15426 - data/CVE

Reply via email to