Author: gilbert-guest Date: 2010-08-17 01:18:10 +0000 (Tue, 17 Aug 2010) New Revision: 15155 Modified: data/CVE/list Log: ruby fixed; new kernel issue Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-08-16 15:16:45 UTC (rev 15154) +++ data/CVE/list 2010-08-17 01:18:10 UTC (rev 15155) @@ -3,6 +3,8 @@ [lenny] - lynx <no-dsa> (Minor issue) NOTE: exploit scenario really obscure NOTE: https://bugs.launchpad.net/ubuntu/+source/lynx-cur/+bug/613254 +CVE-2010-3015 [ext4 integer overflow] + - linux-2.6 <unfixed> CVE-2010-2995 [Wireshark 1.2.10 SigComp Universal Decompressor Virtual Machine could overrun a buffer] - wireshark 1.2.10-1 CVE-2010-2992 [Wireshark 1.2.10 GSM A RR dissector could crash] @@ -6858,13 +6860,12 @@ CVE-2010-0542 (The _WriteProlog function in texttops.c in texttops in the Text Filter ...) - cups 1.4.4-1 CVE-2010-0541 (Cross-site scripting (XSS) vulnerability in the WEBrick HTTP server in ...) - - ruby1.8 <unfixed> + - ruby1.8 1.8.7.302-1 [lenny] - ruby1.8 <no-dsa> (Minor issue) - - ruby1.9 <unfixed> + - ruby1.9 <removed> [lenny] - ruby1.9 <no-dsa> (Minor issue) - - ruby1.9.1 <unfixed> + - ruby1.9.1 <unfixed> (bug #593298) NOTE: File bugs: https://bugzilla.redhat.com/show_bug.cgi?id=587731#c3 - TODO: File bugs, no-dsa for Lenny CVE-2010-0540 (Cross-site request forgery (CSRF) vulnerability in the web interface ...) - cups 1.4.4-1 CVE-2010-0539 (Integer signedness error in the window drawing implementation in Apple ...)