Author: derevko-guest Date: 2010-07-05 11:07:13 +0000 (Mon, 05 Jul 2010) New Revision: 14963 Modified: data/CVE/list Log: CVE-2010-2233, CVE-2010-1632, CVE-2004-1733, CVE-2004-1732, are fixed in unstable bug filed for CVE-2010-1625 Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-07-05 09:32:35 UTC (rev 14962) +++ data/CVE/list 2010-07-05 11:07:13 UTC (rev 14963) @@ -934,8 +934,7 @@ CVE-2010-2234 RESERVED CVE-2010-2233 (tif_getimage.c in LibTIFF 3.9.0 and 3.9.2 on 64-bit platforms, as used ...) - - tiff <undetermined> - TODO: check + - tiff 3.9.4-1 (low) CVE-2010-2232 RESERVED CVE-2010-2231 (Cross-site request forgery (CSRF) vulnerability in ...) @@ -2476,8 +2475,7 @@ - openssl <not-affected> (This bug is only present in OpenSSL 1.0.0) TODO: recheck once >= 1.0.0 gets uploaded CVE-2010-1632 (Apache Axis2 before 1.5.2, as used in IBM WebSphere Application Server ...) - - axis2c <undetermined> - TODO: check + - axis2c 1.6.0-1 CVE-2010-1631 RESERVED CVE-2010-1630 (Unspecified vulnerability in posting.php in phpBB before 3.0.5 has ...) @@ -2497,9 +2495,8 @@ - mysql-dfsg-5.0 <removed> (low; bug #584400) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=553648 CVE-2010-1625 (Cross-site scripting (XSS) vulnerability in LXR Cross Referencer ...) - - lxr <undetermined> - - lxr-cvs <undetermined> - TODO: check + - lxr <unfixed> (bug #588138) + - lxr-cvs <unfixed> (bug #588137) CVE-2010-1624 (The msn_emoticon_msg function in slp.c in the MSN protocol plugin in ...) - pidgin 2.7.0-1 (low) [lenny] - pidgin 2.4.3-4lenny6 @@ -84709,11 +84706,9 @@ CVE-2004-1734 (PHP remote file inclusion vulnerability in Mantis 0.19.0a allows ...) - mantis 0.19.2-1 CVE-2004-1733 (Directory traversal vulnerability in MyDMS 1.4.2 and other versions ...) - - mydms <undetermined> - TODO: check + - mydms 1.4.3-1 CVE-2004-1732 (SQL injection vulnerability in out.ViewFolder.php in MyDMS before ...) - - mydms <undetermined> - TODO: check + - mydms 1.4.3-1 CVE-2004-1731 (signup_page.php in Mantis bugtracker allows remote attackers to send ...) - mantis 0.19.0-1 CVE-2004-1730 (Cross-site scripting (XSS) vulnerability in Mantis bugtracker allows ...)