Author: jmm-guest
Date: 2010-07-10 15:47:43 +0000 (Sat, 10 Jul 2010)
New Revision: 14974
Modified:
data/CVE/list
Log:
- mediawiki no-dsa
- maradns fixed
- mumble no-dsa
Modified: data/CVE/list
==================================================================---
data/CVE/list 2010-07-10 08:16:42 UTC (rev 14973)
+++ data/CVE/list 2010-07-10 15:47:43 UTC (rev 14974)
@@ -370,10 +370,11 @@
TODO: check
CVE-2010-2490 [murmur DoS via malformed client query]
RESERVED
+ - mumble <unfixed> (low)
+ [lenny] - mumble <no-dsa> (Minor issue)
+ TODO: File bug
- qt4-x11 <undetermined> (low; bug #587713)
- - sqlite3 <undetermined>
NOTE: unclear whether is qt''s or sqlite''s fault
- TODO: check
CVE-2010-2489 [ruby buffer overflow on Windows]
RESERVED
- ruby1.8 <not-affected> (Windows-specific)
@@ -2498,9 +2499,11 @@
NOT-FOR-US: Joomla
CVE-2010-1648 (Cross-site request forgery (CSRF) vulnerability in the login
interface ...)
- mediawiki 1.15.4-1 (bug #585918; low)
+ [lenny] - mediawiki <no-dsa> (Minor issue)
NOTE:
http://lists.wikimedia.org/pipermail/mediawiki-announce/2010-May/000091.html
CVE-2010-1647 (Cross-site scripting (XSS) vulnerability in MediaWiki 1.15
before ...)
- mediawiki 1.15.4-1 (bug #585918; low)
+ [lenny] - mediawiki <no-dsa> (Minor issue)
NOTE:
http://lists.wikimedia.org/pipermail/mediawiki-announce/2010-May/000091.html
CVE-2010-1646 (The secure path feature in env.c in sudo 1.3.1 through 1.6.9p22
and ...)
{DSA-2062-1}
@@ -6358,10 +6361,9 @@
[lenny] - bozohttpd <no-dsa> (Minor issue)
[etch] - bozohttpd <no-dsa> (Minor issue)
CVE-2010-2444 (parse/Csv2_parse.c in MaraDNS 1.3.03, and other versions before
...)
- - maradns <unfixed> (low; bug #584587)
+ - maradns 1.4.03-1 (low; bug #584587)
[lenny] - maradns <no-dsa> (minor issue)
[etch] - maradns <not-affected> (vulnerable code introduced in 1.3.03)
- NOTE: http://maradns.org/download/maradns-1.4.02-parse_segfault.patch
CVE-2010-XXXX [sqlite: info leak]
- sqlite3 3.6.21-1 (low; bug #566326)
[lenny] - sqlite3 <no-dsa> (Minor information leak)