Author: jmm-guest Date: 2010-09-30 09:53:31 +0000 (Thu, 30 Sep 2010) New Revision: 15399 Modified: data/CVE/list Log: - horde bugs - add source package for ffmpeg in Lenny Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-09-30 09:22:29 UTC (rev 15398) +++ data/CVE/list 2010-09-30 09:53:31 UTC (rev 15399) @@ -4,25 +4,21 @@ NOTE: http://ftp.isc.org/isc/bind9/9.7.2-P2/RELEASE-NOTES-BIND-9.7.2-P2.html NOTE: ACL bypass claimed to only affect >=9.7.2: https://lists.isc.org/pipermail/bind-announce/2010-September/000655.html CVE-2010-XXXX [horde3 XSS and CSRF] - - horde3 <unfixed> - TODO: check + - horde3 <unfixed> (bug #598582) NOTE: http://lists.horde.org/archives/announce/2010/000568.html CVE-2010-XXXX [horde dimp XSS] - - dimp1 <unfixed> + - dimp1 <unfixed> (bug #598583) NOTE: http://lists.horde.org/archives/announce/2010/000561.html - TODO: report CVE-2010-XXXX [horde imp4 XSS] - - imp4 <unfixed> + - imp4 <unfixed> (bug #598584) NOTE: http://archives.neohapsis.com/archives/fulldisclosure/2010-09/0379.html - TODO: report CVE-2010-XXXX [libcloud doesn''t verify SSL certificate] - libcloud <unfixed> (bug #598463) TODO: check NOTE: other similar python code should be reviewed CVE-2010-XXXX [horde gollem XSS] - - gollem <unfixed> + - gollem <unfixed> (bug #598585) NOTE: http://bugs.horde.org/ticket/9191 - TODO: report CVE-2010-3688 NOT-FOR-US: NetArtMEDIA WebSiteAdmin CVE-2010-3684 @@ -640,6 +636,7 @@ CVE-2010-3429 RESERVED - ffmpeg <unfixed> + - ffmpeg-debian <removed> TODO: check NOTE: http://www.ocert.org/advisories/ocert-2010-004.html CVE-2010-XXXX [mingetty directory traversal]