[Secure-testing-commits] r16519 - data/CVE

Tue, 12 Apr 2011 14:15:00 -0700 

Author: joeyh
Date: 2011-04-12 21:14:41 +0000 (Tue, 12 Apr 2011)
New Revision: 16519

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2011-04-12 12:48:50 UTC (rev 16518)
+++ data/CVE/list       2011-04-12 21:14:41 UTC (rev 16519)
@@ -281,8 +281,8 @@
        RESERVED
 CVE-2009-5066
        RESERVED
-CVE-2009-5065
-       RESERVED
+CVE-2009-5065 (Cross-site scripting (XSS) vulnerability in feedparser.py in 
Universal ...)
+       TODO: check
 CVE-2011-XXXX [drupal6-mod-tagadelic XSS]
        - drupal6-mod-tagadelic 1.3-1 (low)
        NOTE: DRUPAL-SA-CONTRIB-2011-013
@@ -475,8 +475,8 @@
        RESERVED
 CVE-2011-1488
        RESERVED
-CVE-2011-1487
-       RESERVED
+CVE-2011-1487 (The (1) lc, (2) lcfirst, (3) uc, and (4) ucfirst functions in 
Perl ...)
+       TODO: check
 CVE-2011-1486
        RESERVED
 CVE-2011-1485
@@ -725,9 +725,9 @@
        RESERVED
 CVE-2011-1402
        RESERVED
-CVE-2011-1401
-       RESERVED
+CVE-2011-1401 (ikiwiki before 3.20110328 does not ascertain whether the 
htmlscrubber ...)
        {DSA-2214-1}
+       TODO: check
 CVE-2011-1400 (The default configuration of the shell_escape_commands 
directive in ...)
        {DSA-2198-1}
        - tex-common 2.09
@@ -1331,20 +1331,17 @@
        RESERVED
 CVE-2011-1159
        RESERVED
-CVE-2011-1158 [sanitizer doesn't strip unsafe URI schemes]
-       RESERVED
+CVE-2011-1158 (Cross-site scripting (XSS) vulnerability in feedparser.py in 
Universal ...)
        - feedparser 5.0.1-1 (low; bug #617998)
        [squeeze] - feedparser <no-dsa> (Minor issue)
        [lenny] - feedparser <no-dsa> (Minor issue)
        NOTE: https://code.google.com/p/feedparser/issues/detail?id=255
-CVE-2011-1157 [sanitization can be bypassed by malformed XML comments]
-       RESERVED
+CVE-2011-1157 (Cross-site scripting (XSS) vulnerability in feedparser.py in 
Universal ...)
        - feedparser 5.0.1-1 (low; bug #617998)
        [squeeze] - feedparser <no-dsa> (Minor issue)
        [lenny] - feedparser <no-dsa> (Minor issue)
        NOTE: https://code.google.com/p/feedparser/issues/detail?id=254
-CVE-2011-1156 [invalid text in XML declaration causes sanitizer to crash]
-       RESERVED
+CVE-2011-1156 (feedparser.py in Universal Feed Parser (aka feedparser or ...)
        - feedparser 5.0.1-1 (low; bug #617998)
        [squeeze] - feedparser <no-dsa> (Minor issue)
        [lenny] - feedparser <no-dsa> (Minor issue)


_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

Reply via email to