Author: jmm-guest
Date: 2010-12-07 21:22:48 +0000 (Tue, 07 Dec 2010)
New Revision: 15658

Modified:
   data/CVE/list
   data/next-point-update.txt
Log:
hamlib spu fix
wordpress CVEfied and fixed
clamav fixed
pootle fixed, rewrite broken not-affected entry


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2010-12-07 21:16:04 UTC (rev 15657)
+++ data/CVE/list       2010-12-07 21:22:48 UTC (rev 15658)
@@ -333,10 +333,6 @@
        RESERVED
 CVE-2010-4334
        RESERVED
-CVE-2010-XXXX
-       NOTE: http://codex.wordpress.org/Version_3.0.2
-       NOTE: http://core.trac.wordpress.org/changeset/16625
-       - wordpress <unfixed> (bug #605603)
 CVE-2010-4333
        RESERVED
 CVE-2010-4332
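Review bot: The removed CVE-2010-XXXX block has no bracketed description, so this hunk alone does not show that everything it tracked under bug #605603 is the same issue as CVE-2010-4257, where the two NOTE lines and the bug number reappear further down. Before dropping the placeholder, confirm that changeset 16625 addresses only the do_trackbacks SQL injection. If the 3.0.2 release fixed anything else, keep a separate entry for it.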
@@ -520,25 +516,23 @@
        - linux-2.6 <unfixed>
 CVE-2010-4262 [xfig color definition parsing stack buffer overflow]
        RESERVED
-       - xfig <unfixed>
-       TODO: check
+       - xfig <unfixed> (bug #606257)
        NOTE: details and patch at https://bugzilla.redhat.com/659676
 CVE-2010-4261 (Off-by-one error in the icon_cb function in pe_icons.c in 
libclamav in ...)
-       - clamav <unfixed>
+       - clamav 0.96.5+dfsg-1
        [lenny] - clamav <end-of-life>
-       TODO: check
 CVE-2010-4260 (Multiple unspecified vulnerabilities in pdf.c in libclamav in 
ClamAV ...)
-       - clamav <unfixed>
+       - clamav 0.96.5+dfsg-1
        [lenny] - clamav <end-of-life>
-       TODO: check
 CVE-2010-4259 (Stack-based buffer overflow in FontForge 20100501 allows remote 
...)
        - fontforge 0.0.20100501-4 (bug #605537)
 CVE-2010-4258 [linux failure to revert address limit override in OOPS error 
path]
        RESERVED
        - linux-2.6 <unfixed>
 CVE-2010-4257 (SQL injection vulnerability in the do_trackbacks function in 
...)
-       - wordpress <unfixed>
-       TODO: check
+       NOTE: http://codex.wordpress.org/Version_3.0.2
+       NOTE: http://core.trac.wordpress.org/changeset/16625
+       - wordpress 3.0.2-1 (bug #605603)
 CVE-2010-4256 [linux: pipe_fcntl local DoS]
        RESERVED
        - linux-2.6 <unfixed>
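Review bot: Style point on the CVE-2010-4257 entry: the two NOTE lines are placed before the "- wordpress 3.0.2-1 (bug #605603)" package line, while CVE-2010-4262 in the same hunk puts the package line first and its NOTE after it. Moving the package line above the notes would keep the entries consistent. The xfig line also loses "TODO: check" while staying <unfixed>, which is fine now that it carries bug #606257, but the RESERVED entry still relies on the Red Hat bugzilla note as its only description source.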
@@ -631,8 +625,8 @@
        - proftpd-dfsg 1.3.3a-5 (bug #603511; bug #602279)
        [lenny] - proftpd-dfsg <not-affected> (Introduced in 1.3.2rc3)
 CVE-2010-XXXX [pootle XSS vulnerability via 'match_names']
-       - pootle <unfixed> (low; bug #604060)
-       [lenny] - pootle <not-affected> (Minor issue)
+       - pootle 2.0.5-0.3 (low; bug #604060)
+       [lenny] - pootle <not-affected> (Vulnerable code not present)
 CVE-2010-4220 (Cross-site scripting (XSS) vulnerability in the Integrated 
Solution ...)
        NOT-FOR-US: IBM WebSphere
 CVE-2010-4219 (Cross-site scripting (XSS) vulnerability in 
SemanticTagService.js in ...)
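Review bot: The new [lenny] reason "Vulnerable code not present" is correct in form for <not-affected>, but it gives less detail than the proftpd-dfsg line directly above, which names the introducing version ("Introduced in 1.3.2rc3"). If the version that introduced the 'match_names' handling is known, state it in the parentheses so the not-affected claim can be checked against the lenny package version. The entry also remains CVE-2010-XXXX, so bug #604060 is the only stable reference and should be kept on the line when an id is assigned.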

Modified: data/next-point-update.txt
===================================================================
--- data/next-point-update.txt  2010-12-07 21:16:04 UTC (rev 15657)
+++ data/next-point-update.txt  2010-12-07 21:22:48 UTC (rev 15658)
@@ -1,6 +1,7 @@
 CVE-2010-3763
        [lenny] - mantis 1.1.6+dfsg-2lenny4
+CVE-2009-3736
+       [lenny] - hamlib 1.2.7.1-1+lenny1
 
 
 
-
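Review bot: The last change in this hunk removes one trailing empty line while three blank context lines remain at the end of the file, so the whitespace change is unrelated to the hamlib addition and incomplete as cleanup. Either trim all trailing blank lines or leave them untouched in this commit. The new CVE-2009-3736 line follows the same format as the mantis entry above it, and the log message's "hamlib spu fix" is the only explanation given for it.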


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
