jmm-guest at alioth.debian.org
2009-Mar-18 21:29 UTC
[Secure-testing-commits] r11441 - data/CVE
Author: jmm-guest
Date: 2009-03-18 21:29:05 +0000 (Wed, 18 Mar 2009)
New Revision: 11441
Modified:
data/CVE/list
Log:
two tor issues CVEfied
Modified: data/CVE/list
==================================================================---
data/CVE/list 2009-03-18 21:14:10 UTC (rev 11440)
+++ data/CVE/list 2009-03-18 21:29:05 UTC (rev 11441)
@@ -1,9 +1,9 @@
CVE-2009-0939 (Tor before 0.2.0.34 treats incomplete IPv4 addresses as valid,
which ...)
TODO: check
CVE-2009-0938 (Unspecified vulnerability in Tor before 0.2.0.34 allows
directory ...)
- TODO: check
+ - tor 0.2.0.34-1 (bug #512728)
CVE-2009-0937 (Unspecified vulnerability in Tor before 0.2.0.34 allows
directory ...)
- TODO: check
+ - tor 0.2.0.34-1 (bug #514580)
CVE-2009-0936 (Unspecified vulnerability in Tor before 0.2.0.34 allows
attackers to ...)
TODO: check
CVE-2009-0935 (The inotify_read function in the Linux kernel 2.6 before
2.6.29-rc3 ...)
@@ -1749,10 +1749,6 @@
NOT-FOR-US: Discussion Forums
CVE-2008-6099 (PHP remote file inclusion vulnerability in index.php in RPortal
1.1 ...)
NOT-FOR-US: RPortal
-CVE-2009-XXXX [tor: potential crash on exit nodes when processing malformed
input]
- - tor 0.2.0.34-1 (bug #512728)
-CVE-2009-XXXX [tor: DoS vulnerability that could be performed by a directory
mirror]
- - tor 0.2.0.34-1 (bug #514580)
CVE-2009-0502 (Cross-site scripting (XSS) vulnerability in
blocks/html/block_html.php ...)
{DSA-1724-1}
- moodle 1.8.2.dfsg-3 (low)