Secure testing commits - Nov 2009 - r13279 - data/CVE

Author: derevko-guest
Date: 2009-11-12 18:58:53 +0000 (Thu, 12 Nov 2009)
New Revision: 13279

Modified:
   data/CVE/list
Log:
- NFUs
- CVE-2009-3555: fixed in openssl 0.9.8k-6


Modified: data/CVE/list
==================================================================---
data/CVE/list	2009-11-12 18:37:53 UTC (rev 13278)
+++ data/CVE/list	2009-11-12 18:58:53 UTC (rev 13279)
@@ -5,23 +5,23 @@
 CVE-2009-3923 (The VirtualBox 2.0.8 and 2.0.10 web service in Sun Virtual
Desktop ...)
 	TODO: check
 CVE-2009-3922 (Multiple cross-site request forgery (CSRF) vulnerabilities in
the User ...)
-	TODO: check
+	NOT-FOR-US: module for Drupal
 CVE-2009-3921 (The Smartqueue_og module 5.x before 5.x-1.3 and 6.x before ...)
-	TODO: check
+	NOT-FOR-US: module for Drupal
 CVE-2009-3920 (An administration page in the NGP COO/CWP Integration (crmngp)
module ...)
-	TODO: check
+	NOT-FOR-US: module for Drupal
 CVE-2009-3919 (Cross-site scripting (XSS) vulnerability in the NGP COO/CWP ...)
-	TODO: check
+	NOT-FOR-US: module for Drupal
 CVE-2009-3918 (Cross-site scripting (XSS) vulnerability in the Zoomify module
5.x ...)
-	TODO: check
+	NOT-FOR-US: module for Drupal
 CVE-2009-3917 (Cross-site scripting (XSS) vulnerability in the S5 Presentation
Player ...)
-	TODO: check
+	NOT-FOR-US: module for Drupal
 CVE-2009-3916 (Cross-site scripting (XSS) vulnerability in the Node Hierarchy
module ...)
-	TODO: check
+	NOT-FOR-US: module for Drupal
 CVE-2009-3915 (Cross-site scripting (XSS) vulnerability in the
"Separate title and ...)
-	TODO: check
+	NOT-FOR-US: module for Drupal
 CVE-2009-3914 (Cross-site scripting (XSS) vulnerability in the Temporary
Invitation ...)
-	TODO: check
+	NOT-FOR-US: module for Drupal
 CVE-2009-3913 (SQL injection vulnerability in summary.php in Xerox Fiery
Webtools ...)
 	NOT-FOR-US: Xerox Fiery Webtools
 CVE-2009-3912 (Directory traversal vulnerability in index.php in TFTgallery
0.13 ...)
@@ -927,7 +927,7 @@
 CVE-2009-3556
 	RESERVED
 CVE-2009-3555 (The TLS protocol, and the SSL protocol 3.0 and possibly earlier,
as ...)
-	- openssl <unfixed>
+	- openssl 0.9.8k-6 (bug #555829)
 	- openssl097 <removed>
 	- gnutls26 <unfixed>
 	- gnutls13 <removed>