Author: jmm-guest
Date: 2009-05-05 19:37:42 +0000 (Tue, 05 May 2009)
New Revision: 11800
Modified:
data/CVE/list
Log:
- new coccinelle issue
- memcached doesn''t affect released versions
- new kernel issue
Modified: data/CVE/list
==================================================================---
data/CVE/list 2009-05-05 19:33:01 UTC (rev 11799)
+++ data/CVE/list 2009-05-05 19:37:42 UTC (rev 11800)
@@ -1,3 +1,5 @@
+CVE-2009-XXXX [unsafe temp file in coccinelle]
+ - coccinelle 0.1.7.deb-3 (low)
CVE-2009-1519
NOT-FOR-US: Pecio CMS
CVE-2009-1518
@@ -101,8 +103,9 @@
NOTE: http://jira.codehaus.org/browse/JETTY-1004
NOTE: It''s not entirely clear, whether version 5 is affected
CVE-2009-1494 (The process_stat function in Memcached 1.2.8 discloses ...)
- - memcached 1.2.8-1 (unimportant; bug #526554)
- NOTE: no security issue by itself just hardening
+ - memcached 1.2.8-1 (low; bug #526554)
+ [lenny] - memcached <not-affected> (Affected compile-time options not
set)
+ [etch] - memcached <not-affected> (Affected compile-time options not
set)
CVE-2009-1493 (The customDictionaryOpen spell method in the JavaScript API in
Adobe ...)
NOT-FOR-US: Adobe Reader
CVE-2009-1492 (The getAnnots Doc method in the JavaScript API in Adobe Reader
and ...)
@@ -1268,8 +1271,12 @@
CVE-2009-1185 (udev before 1.4.1 does not verify whether a NETLINK message
originates ...)
{DSA-1772-1}
- udev 0.141-1 (medium)
-CVE-2009-1184
+CVE-2009-1184 [selinux ip postroute]
RESERVED
+ - linux-2.6 2.6.30-1
+ NOTE: compat code was removed in 30-rc1, so marking 2.6.30 as fixed
+ [etch] - linux-2.6 <not-affected> (Issue was introduced after 2.6.24
release)
+ - linux-2.6.24 <not-affected> (Issue was introduced after 2.6.24
release)
CVE-2009-1183 (The JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9
and ...)
- poppler 0.10.6-1 (medium; bug #524806)
- xpdf <unfixed> (medium; bug #524809)