Author: nion Date: 2009-05-25 23:35:20 +0000 (Mon, 25 May 2009) New Revision: 11975 Modified: data/CVE/list Log: - NFUs - CVE-2009-0161 should be a dupe - CVE-2009-1189 fixed in dbus 1.2.14-1 Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-05-25 21:44:16 UTC (rev 11974) +++ data/CVE/list 2009-05-25 23:35:20 UTC (rev 11975) @@ -46,7 +46,7 @@ CVE-2009-1739 (PAD Site Scripts 3.6 allows remote attackers to bypass authentication ...) NOT-FOR-US: PAD Site Scripts CVE-2009-1738 (Cross-site scripting (XSS) vulnerability in Feed Block 6.x-1.x before ...) - TODO: check + NOT-FOR-US: Feed Block CVE-2009-1737 (Directory traversal vulnerability in bom.php in MyPic 2.1 allows ...) NOT-FOR-US: MyPic CVE-2009-1736 (SQL injection vulnerability in the GridSupport (GS) Ticket System ...) @@ -64,7 +64,7 @@ CVE-2009-1730 (Multiple directory traversal vulnerabilities in NetMechanica ...) NOT-FOR-US: NetDecision TFTP Server CVE-2009-1729 (Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System ...) - TODO: check + NOT-FOR-US: Sun Java System Communications Express CVE-2009-1728 RESERVED CVE-2009-1727 @@ -1923,7 +1923,7 @@ CVE-2009-1190 (Algorithmic complexity vulnerability in the ...) TODO: check CVE-2009-1189 (The _dbus_validate_signature_with_reason function ...) - TODO: check + - dbus 1.2.14-1 CVE-2009-1188 (Integer overflow in the JBIG2 decoding feature in Poppler before ...) - poppler 0.10.6-1 (medium; bug #524806) [lenny] - poppler 0.8.7-2 @@ -5853,9 +5853,10 @@ - cups 1.3.10-1 - cupsys <removed> CVE-2009-0162 (Cross-site scripting (XSS) vulnerability in Safari before 3.2.3, and 4 ...) - TODO: check + NOT-FOR-US: Safari CVE-2009-0161 (The OpenSSL::OCSP module for Ruby in Apple Mac OS X 10.5 before 10.5.7 ...) - TODO: check + NOT-FOR-US: Mac OS X + NOTE: dupe of CVE-2009-0642 CVE-2009-0160 (QuickDraw Manager in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 ...) NOT-FOR-US: QuickDraw Manager CVE-2009-0159 (Stack-based buffer overflow in the cookedprint function in ntpq/ntpq.c ...)