Author: jmm-guest Date: 2010-08-25 09:22:11 +0000 (Wed, 25 Aug 2010) New Revision: 15207 Modified: data/CVE/list Log: new bugzilla issues, one should be fixed in a DSA, the rest are harmless Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-08-25 07:52:37 UTC (rev 15206) +++ data/CVE/list 2010-08-25 09:22:11 UTC (rev 15207) @@ -700,10 +700,8 @@ - lynx-cur <unfixed> (bug #594300) [lenny] - lynx-cur <no-dsa> (Minor issue) NOTE: exploit scenario really obscure - TODO: File bug CVE-2010-2809 (The default configuration of the <Button2> binding in Uzbl before ...) - uzbl <unfixed> (bug #594301) - TODO: File bug CVE-2010-2808 (Buffer overflow in the Mac_Read_POST_Resource function in ...) - freetype 2.4.2-1 CVE-2010-2807 (FreeType before 2.4.2 uses incorrect integer data types during bounds ...) @@ -869,13 +867,13 @@ CVE-2010-2760 RESERVED CVE-2010-2759 (Bugzilla 2.23.1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through ...) - TODO: check + - bugzilla <unfixed> (medium) CVE-2010-2758 (Bugzilla 2.17.1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through ...) - TODO: check + - bugzilla <unfixed> (low) CVE-2010-2757 (The sudo feature in Bugzilla 2.22rc1 through 3.2.7, 3.3.1 through ...) - TODO: check + - bugzilla <unfixed> (low) CVE-2010-2756 (Search.pm in Bugzilla 2.19.1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 ...) - TODO: check + - bugzilla <unfixed> (low) CVE-2010-2755 (layout/generic/nsObjectFrame.cpp in Mozilla Firefox 3.6.7 does not ...) - xulrunner <not-affected> (Only exploitable in Firefox 3.6.x and above) CVE-2010-2754 (dom/base/nsJSEnvironment.cpp in Mozilla Firefox 3.5.x before 3.5.11 ...) @@ -4037,7 +4035,7 @@ TODO: check CVE-2010-1526 RESERVED - - libgdiplus <unfixed> (low; bug #594155) + - libgdiplus 2.6.7-2 (low; bug #594155) CVE-2010-1525 (Integer underflow in the SpreadSheet Lotus 123 reader (wkssr.dll) in ...) TODO: check CVE-2010-1524 (The SpreadSheet Lotus 123 reader (wkssr.dll) in Autonomy KeyView 10.4 ...)