[Secure-testing-commits] r16468 - data/CVE

Joey Hess Fri, 01 Apr 2011 14:21:59 -0700

Author: joeyh
Date: 2011-04-01 21:16:22 +0000 (Fri, 01 Apr 2011)
New Revision: 16468


Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2011-04-01 14:48:16 UTC (rev 16467)
+++ data/CVE/list       2011-04-01 21:16:22 UTC (rev 16468)
@@ -1,3 +1,9 @@
+CVE-2011-1554 (Off-by-one error in t1lib 5.1.2 and earlier, as used in Xpdf 
before ...)
+       TODO: check
+CVE-2011-1553 (Use-after-free vulnerability in t1lib 5.1.2 and earlier, as 
used in ...)
+       TODO: check
+CVE-2011-1552 (t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6 and 
other ...)
+       TODO: check
 CVE-2011-1551 (SUSE openSUSE Factory assigns ownership of the 
/var/log/cobbler/ ...)
        - logrotate <unfixed>
 CVE-2011-1550 (The default configuration of logrotate on SUSE openSUSE Factory 
uses ...)
@@ -972,11 +978,9 @@
        - apache2 2.2.17-2 (bug #618857; medium)
        [lenny] - apache2 <not-affected> (different source package in lenny: 
apache2-mpm-itk)
        [lenny] - apache2-mpm-itk <not-affected> (bug was introduced later, in 
2.2.11-01)
-CVE-2011-1175
-       RESERVED
+CVE-2011-1175 (tcptls.c in the TCP/TLS server in Asterisk Open Source 1.6.1.x 
before ...)
        - asterisk <unfixed>
-CVE-2011-1174
-       RESERVED
+CVE-2011-1174 (manager.c in Asterisk Open Source 1.6.1.x before 1.6.1.24, 
1.6.2.x ...)
        - asterisk <unfixed>
 CVE-2011-1173
        RESERVED
@@ -1742,8 +1746,8 @@
        RESERVED
 CVE-2011-0964
        RESERVED
-CVE-2011-0963
-       RESERVED
+CVE-2011-0963 (The default configuration of the RADIUS authentication feature 
on the ...)
+       TODO: check
 CVE-2011-0962
        RESERVED
 CVE-2011-0961
@@ -2198,8 +2202,7 @@
        RESERVED
 CVE-2011-0765
        RESERVED
-CVE-2011-0764 [xpdf/t1lib arbitrary code execution vuln]
-       RESERVED
+CVE-2011-0764 (t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6 and 
other ...)
        - xpdf 3.02-9
        - poppler <not-affected> (never used t1lib)
        - t1lib <unfixed>
@@ -2318,8 +2321,7 @@
        RESERVED
 CVE-2011-0728 (Cross-site scripting (XSS) vulnerability in 
templatefunctions.py in ...)
        - loggerhead 1.18.1-1
-CVE-2011-0727
-       RESERVED
+CVE-2011-0727 (GNOME Display Manager (gdm) 2.x before 2.32.1 allows local 
users to ...)
        {DSA-2205-1}
        - gdm3 <unfixed>
 CVE-2011-0726
@@ -6970,8 +6972,7 @@
 CVE-2010-3696 (The fr_dhcp_decode function in lib/dhcp.c in FreeRADIUS 2.1.9, 
in ...)
        - freeradius 2.1.10+dfsg-1 (bug #600176)
        [lenny] - freeradius <not-affected> (Vulnerable code not present)
-CVE-2010-3695 [XSS vulnerability in the Fetchmail configuration]
-       RESERVED
+CVE-2010-3695 (Cross-site scripting (XSS) vulnerability in fetchmailprefs.php 
in ...)
        {DSA-2204-1}
        - imp4 4.3.7+debian0-2.1 (bug #598584; low)
        NOTE: 
http://archives.neohapsis.com/archives/fulldisclosure/2010-09/0379.html


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r16468 - data/CVE

Reply via email to