Author: geissert Date: 2010-02-08 04:56:39 +0000 (Mon, 08 Feb 2010) New Revision: 14060 Modified: data/CVE/list Log: n-m issues update, thanks Michael Biebl one otrs issue Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-02-07 22:10:57 UTC (rev 14059) +++ data/CVE/list 2010-02-08 04:56:39 UTC (rev 14060) @@ -257,8 +257,12 @@ TODO: check CVE-2010-0439 RESERVED -CVE-2010-0438 +CVE-2010-0438 [OTRS SQL injection] RESERVED + - otrs <not-affected> (vulnerable code not present) + [etch] - otrs2 <not-affected> (vulnerable code not present) + - otrs2 2.4.7-1 (medium) + NOTE: http://otrs.org/advisory/OSA-2010-01-en/ CVE-2010-0437 RESERVED CVE-2010-0436 @@ -2189,10 +2193,8 @@ - xpat2 <unfixed> (unimportant; bug #560087) CVE-2009-4144 (NetworkManager (NM) 0.7.2 does not ensure that the configured ...) - network-manager-applet 0.7.2-2 (low; bug #560067) - - network-manager 0.6.5-1 (low) - [lenny] - network-manager-applet <no-dsa> (minor issue) - [etch] - network-manager <no-dsa> (minor issue) - NOTE: network-manager in lenny not affected, because it is in network-manager-applet + [lenny] - network-manager-applet <not-affected> (WPA/enterprise was added in 0.7.2) + - network-manager <not-affected> (vulnerable code is in -applet, which is a source package on its own as of 0.6.5) CVE-2009-XXXX [unsafe xfs] - xfs 1:1.0.8-6 (low; bug #521107) [etch] - xfs <no-dsa> (minor issue) @@ -2511,11 +2513,8 @@ - kfreebsd-6 <not-affected> (the affected file -rtld.c- is not in the archive, not even kFreeBSD) CVE-2009-4145 (nm-connection-editor in NetworkManager (NM) 0.7.x exports connection ...) - network-manager-applet 0.7.2-2 (low; bug #563371) - - network-manager 0.6.5-1 (low) - [lenny] - network-manager-applet <no-dsa> (minor issue) - [etch] - network-manager <no-dsa> (minor issue) - NOTE: network-manager in lenny not affected, because it is in network-manager-applet - NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=546117 + - network-manager <not-affected> (-editor introduced in 0.7 on the -applet package) + [lenny] - network-manager-applet <not-affected> (-editor was introduced in 0.7) CVE-2009-4143 (PHP before 5.2.12 does not properly handle session data, which has ...) - php5 5.2.12.dfsg.1-1 (low) CVE-2009-4142 (The htmlspecialchars function in PHP before 5.2.12 does not properly ...)