Author: jmm-guest Date: 2010-04-28 19:48:23 +0000 (Wed, 28 Apr 2010) New Revision: 14566 Modified: data/CVE/list Log: - maintainer provided an spu upload for iscsitarget - one kde4libs issue not affected - record one more qt4 fix Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-04-28 02:27:26 UTC (rev 14565) +++ data/CVE/list 2010-04-28 19:48:23 UTC (rev 14566) @@ -770,7 +770,6 @@ - moodle <not-affected> (Vulnerable code not present) - phpmyadmin <not-affected> (Vulnerable code not present) - tcpdf <itp> (bug #495985) - TODO: check NOTE: http://sourceforge.net/projects/tcpdf/files/CHANGELOG.TXT/view NOTE: http://seclists.org/fulldisclosure/2010/Apr/104 NOTE: setting K_TCPDF_CALLS_IN_HTML to false mitigates the problem @@ -2295,6 +2294,7 @@ NOTE: http://www.juniper.net/security/auto/vulnerabilities/vuln35507.html CVE-2010-0743 (Multiple format string vulnerabilities in isns.c in (1) Linux SCSI ...) - iscsitarget 1:1.0.3-2 (medium; bug #574935) + TODO: next point update: [lenny] - iscsitarget 0.4.16+svn162-3.1 - tgt 1:1.0.3-2 (medium; bug #576086) CVE-2010-0742 RESERVED @@ -13241,7 +13241,7 @@ - webkit 1.1.12-1 (medium; bug #535793) NOTE: http://trac.webkit.org/changeset/36918 - kdelibs <not-affected> - - kde4libs <undetermined> + - kde4libs <not-affected> - qt4-x11 4:4.5.2-1 [etch] - qt4-x11 <not-affected> (QTWebkit was introduced in 4.4) CVE-2009-1710 (WebKit in Apple Safari before 4.0 allows remote attackers to spoof the ...) @@ -13356,7 +13356,8 @@ - webkit 1.1.12-1 (medium; bug #535793) - kdelibs <not-affected> - kde4libs <not-affected> - - qt4-x11 <unfixed> + - qt4-x11 4:4.6.2-4 + NOTE: QT4 might be fixed earlier, but only 4.6.2 was checked against [lenny] - qt4-x11 <no-dsa> (Minor impact, no apps in Lenny which use qtwebkit ) NOTE: http://trac.webkit.org/changeset/35928 CVE-2009-1692 (WebKit before r41741, as used in Apple iPhone OS 1.0 through 2.2.1, ...)