Author: geissert
Date: 2010-04-19 00:13:11 +0000 (Mon, 19 Apr 2010)
New Revision: 14523
Modified:
data/CVE/list
Log:
new fetchmail issue
some pidgin no-dsa issues were "fixed" by a dsa
Modified: data/CVE/list
==================================================================---
data/CVE/list 2010-04-18 21:14:54 UTC (rev 14522)
+++ data/CVE/list 2010-04-19 00:13:11 UTC (rev 14523)
@@ -1,3 +1,9 @@
+CVE-2010-XXXX [fetchmail memory exhaustion DoS]
+ - fetchmail <unfixed> (low)
+ [lenny] - fetchmail <no-dsa> (only vulnerable when run under debug
verbosity level)
+ NOTE: http://www.fetchmail.info/fetchmail-SA-2010-02.txt
+ NOTE: http://gitorious.org/fetchmail/fetchmail/commit/ec06293
+ TODO: file report
CVE-2010-1457
RESERVED
CVE-2010-1456
@@ -8472,11 +8478,9 @@
CVE-2009-3084 (The msn_slp_process_msg function in
libpurple/protocols/msn/slpcall.c ...)
{DSA-2038-1}
- pidgin 2.6.2-1 (low)
- [lenny] - pidgin <no-dsa> (Minor issue)
CVE-2009-3083 (The msn_slp_sip_recv function in libpurple/protocols/msn/slp.c
in the ...)
{DSA-2038-1}
- pidgin 2.6.2-1 (low)
- [lenny] - pidgin <no-dsa> (Minor issue)
CVE-2008-7185 (GNOME Rhythmbox 0.11.5 allows remote attackers to cause a denial
of ...)
- rhythmbox <unfixed> (unimportant)
NOTE: No practical security impact