Author: joeyh
Date: 2010-11-19 09:14:59 +0000 (Fri, 19 Nov 2010)
New Revision: 15605
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-11-18 21:15:11 UTC (rev 15604)
+++ data/CVE/list 2010-11-19 09:14:59 UTC (rev 15605)
@@ -1,3 +1,41 @@
+CVE-2010-4293
+ RESERVED
+CVE-2010-4292
+ RESERVED
+CVE-2010-4291
+ RESERVED
+CVE-2010-4290
+ RESERVED
+CVE-2010-4289
+ RESERVED
+CVE-2010-4288
+ RESERVED
+CVE-2010-4287
+ RESERVED
+CVE-2010-4286
+ RESERVED
+CVE-2010-4285
+ RESERVED
+CVE-2010-4284
+ RESERVED
+CVE-2010-4283
+ RESERVED
+CVE-2010-4282
+ RESERVED
+CVE-2010-4281
+ RESERVED
+CVE-2010-4280
+ RESERVED
+CVE-2010-4279
+ RESERVED
+CVE-2010-4278
+ RESERVED
+CVE-2010-4277
+ RESERVED
+CVE-2010-4276
+ RESERVED
+CVE-2010-4275
+ RESERVED
CVE-2010-4274 (reset_diragent_keys in the Common agent in IBM Systems Director
6.2.0 ...)
TODO: check
CVE-2010-4273 (SQL injection vulnerability in imoveis.php in DescargarVista
ACC ...)
@@ -217,8 +255,7 @@
- systemtap <unfixed> (bug #603946)
CVE-2010-4169
RESERVED
-CVE-2010-4168
- RESERVED
+CVE-2010-4168 (Multiple use-after-free vulnerabilities in OpenTTD 1.0.x before
1.0.5 ...)
- openttd <unfixed> (bug #603752)
[lenny] - openttd <not-affected> (Introduced in 1.0)
CVE-2010-4167
@@ -237,8 +274,8 @@
RESERVED
CVE-2010-4161
RESERVED
-CVE-2010-4159
- RESERVED
+CVE-2010-4159 (Untrusted search path vulnerability in metadata/loader.c in
Mono 2.8 ...)
+ TODO: check
CVE-2010-4156 (The mb_strcut function in Libmbfl 1.1.0, as used in PHP 5.3.x
through ...)
- php5 5.3.3-4 (bug #603751)
[lenny] - php5 <not-affected> (Only affects 5.3.x)
@@ -359,8 +396,8 @@
RESERVED
CVE-2010-4108
RESERVED
-CVE-2010-4107
- RESERVED
+CVE-2010-4107 (The default configuration of the PJL Access value in the File
System ...)
+ TODO: check
CVE-2010-4106 (Cross-site request forgery (CSRF) vulnerability in HP Insight
Control ...)
NOT-FOR-US: HP Insight Orchestration
CVE-2010-4105 (Unspecified vulnerability in HP Insight Orchestration before
6.2 ...)
@@ -680,8 +717,8 @@
NOT-FOR-US: SAP BusinessObjects Enterprise
CVE-2010-3979 (Dswsbobje in SAP BusinessObjects Enterprise XI 3.2 generates
different ...)
NOT-FOR-US: SAP BusinessObjects Enterprise
-CVE-2010-3978
- RESERVED
+CVE-2010-3978 (Spree 0.11.x before 0.11.2 and 0.30.x before 0.30.0 exchanges
data ...)
+ TODO: check
CVE-2010-3977 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
NOT-FOR-US: cForm wordpress plugin
CVE-2010-3976 (Untrusted search path vulnerability in Adobe Flash Player
before ...)
@@ -910,10 +947,10 @@
TODO: File was introduced after 1.2.6, so check that next sid version
is at least 1.3.3 or higher
CVE-2010-3870 (The utf8_decode function in PHP before 5.3.4 does not properly
handle ...)
- php5 5.3.3-4 (bug #603751)
-CVE-2010-3869
- RESERVED
-CVE-2010-3868
- RESERVED
+CVE-2010-3869 (Red Hat Certificate System (RHCS) 7.3 and 8 and Dogtag
Certificate ...)
+ TODO: check
+CVE-2010-3868 (Red Hat Certificate System (RHCS) 7.3 and 8 and Dogtag
Certificate ...)
+ TODO: check
CVE-2010-3867 (Multiple directory traversal vulnerabilities in the
mod_site_misc ...)
- proftpd-dfsg 1.3.3a-4
[lenny] - proftpd-dfsg <no-dsa> (Minor issue)
@@ -923,8 +960,7 @@
RESERVED
- linux-2.6 <unfixed>
[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.30)
-CVE-2010-3864
- RESERVED
+CVE-2010-3864 (Multiple race conditions in ssl/t1_lib.c in OpenSSL 0.9.8f
through ...)
- openssl 0.9.8o-3
CVE-2010-3863 (Apache Shiro before 1.1.0, and JSecurity 0.9.x, does not
canonicalize ...)
NOT-FOR-US: Apache Shiro / JSecurity
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
