[Secure-testing-commits] r15843 - in data: . CVE

Thu, 13 Jan 2011 13:44:44 -0800 

Author: jmm
Date: 2011-01-13 21:44:36 +0000 (Thu, 13 Jan 2011)
New Revision: 15843

Removed:
   data/elf-vuln
Modified:
   data/CVE/list
Log:
one more cpi.pm fix
fix up old mysql entry
remove historic file


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2011-01-13 21:16:40 UTC (rev 15842)
+++ data/CVE/list       2011-01-13 21:44:36 UTC (rev 15843)
@@ -1625,7 +1625,7 @@
        NOT-FOR-US: pfSense
 CVE-2010-4411 (Unspecified vulnerability in CGI.pm 3.50 and earlier allows 
remote ...)
        - perl 5.10.1-17 (bug #606995)
-       - libcgi-pm-perl <unfixed> (bug #606370)
+       - libcgi-pm-perl 3.51-1 (bug #606370)
 CVE-2010-4410 (CRLF injection vulnerability in the header function in (1) 
CGI.pm ...)
        - perl 5.10.1-17 (bug #606995)
        - libcgi-pm-perl 3.50-1 (bug #606370)
@@ -98813,7 +98813,7 @@
 CVE-2003-0151 (BEA WebLogic Server and Express 6.0 through 7.0 does not 
properly ...)
        NOT-FOR-US: BEA WebLogic Server
 CVE-2003-0150 (MySQL 3.23.55 and earlier creates world-writeable files and 
allows ...)
-       NOT-FOR-US: Historic MySQL issue
+       - mysql <removed>
 CVE-2003-0149 (Heap-based buffer overflow in ePO agent for McAfee ePolicy ...)
        NOT-FOR-US: McAfee ePolicy Orchestrator
 CVE-2003-0148 (The default installation of MSDE via McAfee ePolicy 
Orchestrator 2.0 ...)

Deleted: data/elf-vuln
===================================================================
--- data/elf-vuln       2011-01-13 21:16:40 UTC (rev 15842)
+++ data/elf-vuln       2011-01-13 21:44:36 UTC (rev 15843)
@@ -1,35 +0,0 @@
-binutils (fixed)
-elfutils (not in debian)
-gdb (fixed)
-ht (fixed)
-prelink (not affected, as not using elfutils library)
-elfsign
-rpm (not affected, only newer than in debian contains elfutils)
-acl2 (affected according to maintainer, full exploit potential unclear, 
rebuilds complicated)
-alleyoop (moritz checking)
-axiom  (affected according to maintainer, full exploit potential unclear, 
rebuilds complicated)
-crash (micah is talking with upstream)
-fenris (not in sarge, moritz checking)
-gccchecker
-gcl (affected according to maintainer, full exploit potential unclear, 
rebuilds complicated)
-gclcvs (affected according to maintainer, full exploit potential unclear, 
rebuilds complicated)
-ggcov
-insight
-kdebindings
-kdesdk
-kmd (fixed)
-ksymoops
-lcrash (fixed)
-ltrace (not vuln)
-lush
-maxima
-memprof
-mol
-mpatrol
-nitpic
-nmap
-oprofile
-oprofile-source
-kernel-patch-kdb
-chpax (not vuln)
-paxctl (not vuln)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

Reply via email to