[Secure-testing-commits] r15544 - in data: . CVE

Mon, 01 Nov 2010 11:50:29 -0700 

Author: jmm-guest
Date: 2010-11-01 18:49:59 +0000 (Mon, 01 Nov 2010)
New Revision: 15544

Modified:
   data/CVE/list
   data/problematic-packages
Log:
- new weborf issue, mark package as problematic
- mailscanner no-dsa/unimportant
- vdr, magic++, teamspeak-server fixed


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2010-11-01 18:49:14 UTC (rev 15543)
+++ data/CVE/list       2010-11-01 18:49:59 UTC (rev 15544)
@@ -1,5 +1,7 @@
 CVE-2010-4121 (** DISPUTED ** The TCP-to-ODBC gateway in IBM Tivoli 
Provisioning ...)
        TODO: check
+CVE-2010-XXXX
+       - weborf 0.12.4-1
 CVE-2010-4120 (Multiple cross-site scripting (XSS) vulnerabilities in the TAM 
console ...)
        TODO: check
 CVE-2010-4119
@@ -1808,7 +1810,7 @@
 CVE-2010-3394 (The (1) texmacs and (2) tm_mupad_help scripts in TeXmacs 
1.0.7.4 place ...)
        - texmacs 1:1.0.7.4-3 (bug #598424)
 CVE-2010-3393 (magics-config in Magics++ 2.10.0 places a zero-length directory 
name ...)
-       - magics++ <unfixed> (bug #598418)
+       - magics++ 2.10.0.dfsg-5.1 (bug #598418)
 CVE-2010-3392
        RESERVED
 CVE-2010-3391
@@ -1820,7 +1822,7 @@
 CVE-2010-3388
        RESERVED
 CVE-2010-3387 (** DISPUTED ** ...)
-       - vdr <unfixed> (unimportant; bug #598308)
+       - vdr 1.6.0-19.1 (unimportant; bug #598308)
        NOTE: Only affects a debugging tool, see bug #598308
 CVE-2010-3386 (usttrace in LTTng Userspace Tracer (aka UST) 0.7 places a 
zero-length ...)
        - ust 0.7-2.1 (bug #598309)
@@ -1833,7 +1835,7 @@
 CVE-2010-3383 (The (1) teamspeak and (2) teamspeak-server scripts in TeamSpeak 
2.0.32 ...)
        - teamspeak-client <unfixed> (low; bug #598304)
        [lenny] - teamspeak-client <no-dsa> (Non-free not supported)
-       - teamspeak-server <unfixed> (low; bug #598305)
+       - teamspeak-server 2.0.24.1+debian-1.1 (low; bug #598305)
        [lenny] - teamspeak-server <no-dsa> (Non-free not supported)
 CVE-2010-3382 (tauex in Tuning and Analysis Utilities (TAU) 2.16.4 places a 
...)
        - tau 2.16.4-1.4 (bug #598303)
@@ -2081,11 +2083,12 @@
        NOTE: and is distributed gzip-compressed
 CVE-2010-3293 [mailscanner virus updates DoS]
        RESERVED
-       - mailscanner <unfixed> (bug #596397; low)
+       - mailscanner <unfixed> (bug #596397; unimportant)
        NOTE: or even unimportant, the script is not used by default
 CVE-2010-3292 [mailscanner may use spoofed data]
        RESERVED
        - mailscanner <unfixed> (bug #596396; low)
+       [squeeze] - mailscanner <no-dsa> (Minor issue)
 CVE-2010-3278
        REJECTED
 CVE-2010-3277 (The installer in VMware Workstation 7.x before 7.1.2 build 
301548 and ...)

Modified: data/problematic-packages
===================================================================
--- data/problematic-packages   2010-11-01 18:49:14 UTC (rev 15543)
+++ data/problematic-packages   2010-11-01 18:49:59 UTC (rev 15544)
@@ -15,3 +15,8 @@
 
 libmikmod (Mar 2010)
 maintainer seems MIA, latest upload in 2004
+
+--
+
+weborf (Nov 2010)
+Every new upstream fixes new vulnerabilities, dropped from Squeeze
\ No newline at end of file


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

Reply via email to