Author: joeyh
Date: 2010-03-31 09:15:04 +0000 (Wed, 31 Mar 2010)
New Revision: 14365
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
==================================================================---
data/CVE/list 2010-03-31 08:51:01 UTC (rev 14364)
+++ data/CVE/list 2010-03-31 09:15:04 UTC (rev 14365)
@@ -1002,6 +1002,7 @@
RESERVED
CVE-2010-0828 [moin despam action xss]
RESERVED
+ {DSA-2024-1}
- moin <unfixed> (low; bug #575995)
CVE-2010-0827
RESERVED
@@ -1245,7 +1246,7 @@
RESERVED
CVE-2010-0741 [linux-2.6: virtio dos]
RESERVED
- - linux-2.6 2.6.26-1
+ - linux-2.6 2.6.26-1
CVE-2010-0740 (The ssl3_get_record function in ssl/s3_pkt.c in OpenSSL 0.9.8f
through ...)
- openssl 0.9.8n-1 (medium; bug #575607)
[lenny] - openssl <not-affected> (only 0.9.8m is affected with 16 bit
shorts)
@@ -2943,6 +2944,7 @@
CVE-2010-0164 (Use-after-free vulnerability in the ...)
TODO: check
CVE-2010-0163 (Mozilla Thunderbird before 2.0.0.24 and SeaMonkey before 1.1.19
...)
+ {DSA-2025-1}
- icedove <unfixed> (medium)
CVE-2010-0162 (Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, and
...)
{DSA-1999-1}
@@ -7661,7 +7663,7 @@
- xulrunner 1.9.0.14-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by
security support)
CVE-2009-3075 (Multiple unspecified vulnerabilities in the JavaScript engine in
...)
- {DSA-1885-1}
+ {DSA-2025-1 DSA-1885-1}
- xulrunner 1.9.0.14-1
- icedove <unfixed>
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by
security support)
@@ -7674,7 +7676,7 @@
[lenny] - xulrunner <not-affected> (Only affects Firefox 3.5.x)
[etch] - xulrunner <not-affected> (Only affects Firefox 3.5.x)
CVE-2009-3072 (Multiple unspecified vulnerabilities in the browser engine in
Mozilla ...)
- {DSA-1885-1}
+ {DSA-2025-1 DSA-1885-1}
- xulrunner 1.9.0.14-1
- icedove <unfixed>
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by
security support)
@@ -9476,7 +9478,7 @@
- poppler 0.12.2-2.1 (low; bug #534680)
[etch] - poppler <not-affected> (Vulnerable code not present)
CVE-2009-2408 (Mozilla Network Security Services (NSS) before 3.12.3, Firefox
before ...)
- {DSA-1874-1}
+ {DSA-2025-1 DSA-1874-1}
- nss 3.12.3-1 (medium; bug #539934)
- icedove <unfixed> (medium)
CVE-2009-2651 (main/rtp.c in Asterisk Open Source 1.6.1 before 1.6.1.2 allows
remote ...)
@@ -9979,7 +9981,7 @@
- xulrunner 1.9.0.12-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by
security support)
CVE-2009-2463 (Multiple integer overflows in the (1) PL_Base64Decode and (2)
...)
- {DSA-1931-1}
+ {DSA-2025-1 DSA-1931-1}
- nspr 4.8.2-1
- icedove <unfixed>
[etch] - nspr <end-of-life> (Mozilla packages from oldstable no longer
covered by security support)
@@ -10200,7 +10202,7 @@
- jbossas4 4.2.2.GA-1 (bug #562000)
[lenny] - jbossas4 <no-dsa> (Contrib not supported)
CVE-2009-2404 (Heap-based buffer overflow in a regular-expression parser in
Mozilla ...)
- {DSA-1874-1}
+ {DSA-2025-1 DSA-1874-1}
- nss 3.12.3-1 (low; bug #539934)
- icedove <unfixed> (low)
CVE-2009-2403 (Heap-based buffer overflow in SCMPX 1.5.1 allows remote
attackers to ...)