Secure testing commits - Aug 2010 - r15220 - data/CVE

Author: jmm-guest
Date: 2010-08-26 21:21:34 +0000 (Thu, 26 Aug 2010)
New Revision: 15220

Modified:
   data/CVE/list
Log:
- new znc issues
- new vlc/Windows issue


Modified: data/CVE/list
==================================================================---
data/CVE/list	2010-08-26 09:18:56 UTC (rev 15219)
+++ data/CVE/list	2010-08-26 21:21:34 UTC (rev 15220)
@@ -1,3 +1,5 @@
+CVE-2010-3124 [DLL issue and VLC]
+	- vlc <not-affected> (Windows specific vulnerability)
 CVE-2010-3120 (Google Chrome before 5.0.375.127 does not properly implement the
...)
 	- chromium-browser 5.0.375.127~r55887-1
 	- webkit <undetermined>
@@ -239,7 +241,7 @@
 CVE-2010-3023 (Multiple cross-site scripting (XSS) vulnerabilities in
DiamondList ...)
 	NOT-FOR-US: DiamondList
 CVE-2010-3022 (Cross-site scripting (XSS) vulnerability in the Performance
logging ...)
-	TODO: check
+	NOT-FOR-US: Drupal Addon
 CVE-2010-3021 (Unspecified vulnerability in Opera before 10.61 allows remote
...)
 	NOT-FOR-US: Opera
 CVE-2010-3020 (The news-feed preview feature in Opera before 10.61 does not
properly ...)
@@ -432,7 +434,7 @@
 	RESERVED
 	- openoffice.org 1:3.2.1-6
 CVE-2010-2934 (Multiple unspecified vulnerabilities in ZNC 0.092 allow remote
...)
-	TODO: check
+	- znc <unfixed> (bug filed)
 CVE-2010-2933 (SQL injection vulnerability in AV Scripts AV Arcade 3 allows
remote ...)
 	NOT-FOR-US: AV Arcade
 CVE-2010-2932 (Buffer overflow in BarCodeWiz BarCode 3.29 ActiveX control ...)
@@ -744,7 +746,7 @@
 	- squirrelmail 2:1.4.21-1 (low)
 	[lenny] - squirrelmail <no-dsa> (low-risk issue)
 CVE-2010-2812 (Client.cpp in ZNC 0.092 allows remote attackers to cause a
denial of ...)
-	TODO: check
+	- znc <unfixed> (bug filed)
 CVE-2010-2811 (Virtual Desktop Server Manager (VDSM) in Red Hat Enterprise ...)
 	NOT-FOR-US: Red Hat Virtual Desktop Server Manager
 CVE-2010-2810 (Heap-based buffer overflow in the convert_to_idna function in
...)
@@ -818,7 +820,7 @@
 	{DSA-2078-1}
 	- kvirc 4:4.0.0-3
 CVE-2010-2784 (The subpage MMIO initialization functionality in the
subpage_register ...)
-	- qemu-kvm <unfixed> (bug filed)
+	- qemu-kvm <unfixed> (bug #594478)
 	- kvm <undetermined>
 CVE-2010-2783
 	RESERVED