Author: geissert Date: 2009-11-20 22:56:26 +0000 (Fri, 20 Nov 2009) New Revision: 13332 Modified: data/CVE/list Log: new linux and xulrunner issues, 2 NFUs, one linux issue CVEified Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-11-20 21:14:22 UTC (rev 13331) +++ data/CVE/list 2009-11-20 22:56:26 UTC (rev 13332) @@ -21,9 +21,9 @@ CVE-2009-4006 (Stack-based buffer overflow in the TEA decoding algorithm in RhinoSoft ...) TODO: check CVE-2009-4005 (The collect_rx_frame function in drivers/isdn/hisax/hfc_usb.c in the ...) + - linux-2.6 <unfixed> + - linux-2.6.24 <removed> TODO: check -CVE-2009-4004 (Buffer overflow in the kvm_vcpu_ioctl_x86_setup_mce function in ...) - TODO: check CVE-2009-4003 RESERVED CVE-2009-4002 @@ -75,6 +75,7 @@ CVE-2009-3979 RESERVED CVE-2009-3978 (The nsGIFDecoder2::GifWrite function in decoders/gif/nsGIFDecoder2.cpp ...) + - xulrunner <unfixed> TODO: check CVE-2009-3977 (Multiple buffer overflows in a certain ActiveX control in ...) TODO: check @@ -181,7 +182,7 @@ CVE-2009-3939 (The poll_mode_io file for the megaraid_sas driver in the Linux kernel ...) - linux-2.6 <unfixed> (low) - linux-2.6.24 <removed> (low) -CVE-2009-XXXX [kernel memory corruption in kvm_vcpu_ioctl_x86_setup_mce] +CVE-2009-4004 [kernel memory corruption in kvm_vcpu_ioctl_x86_setup_mce] - linux-2.6 <unfixed> [etch] - linux-2.6 <not-affected> (kvm introduced in 2.6.25) - linux-2.6.24 <not-affected> (kvm introduced in 2.6.25) @@ -403,9 +404,9 @@ CVE-2009-3842 RESERVED CVE-2009-3841 (Unspecified vulnerability in HP Discovery & Dependency Mapping ...) - TODO: check + NOT-FOR-US: HP Discovery & Dependency Mapping CVE-2009-3840 (The embedded database engine service (aka ovdbrun.exe) in HP OpenView ...) - TODO: check + NOT-FOR-US: HP OpenView CVE-2009-3839 (Unspecified vulnerability in the Solaris Trusted Extensions Policy ...) NOT-FOR-US: Sun Solaris CVE-2009-3838 (Stack-based buffer overflow in Pegasus Mail (PMail) 4.41 and possibly ...)