thr3ads.net - Secure testing commits - [Secure-testing-commits] r15669

If this information is useful, please help other people find it:
Share via:

Moritz Muehlenhoff

2010-Dec-09 08:19 UTC

[Secure-testing-commits] r15669 - data/CVE

Author: jmm-guest
Date: 2010-12-09 08:19:13 +0000 (Thu, 09 Dec 2010)
New Revision: 15669

Modified:
   data/CVE/list
Log:
- kernel updates merged from kernel-sec
- pootle CVEfied
- new puppet issue


Modified: data/CVE/list
==================================================================---
data/CVE/list	2010-12-08 21:14:58 UTC (rev 15668)
+++ data/CVE/list	2010-12-09 08:19:13 UTC (rev 15669)
@@ -1,3 +1,5 @@
+CVE-2010-XXXX 
+	- puppet 2.6.2-3
 CVE-2011-0025
 	RESERVED
 CVE-2011-0024
@@ -645,12 +647,12 @@
 CVE-2010-4247 [linux xen: request-processing loop is unbounded in blkback]
 	RESERVED
 	- linux-2.6 <unfixed>
-	TODO: check
-	NOTE: 4CEB7F72.2020202 at redhat.com
 CVE-2010-4246 (Multiple cross-site scripting (XSS) vulnerabilities in graph.php
in ...)
 	TODO: check
 CVE-2010-4245
 	RESERVED
+	- pootle 2.0.5-0.3 (low; bug #604060)
+	[lenny] - pootle <not-affected> (Vulnerable code not present)
 CVE-2010-4244
 	RESERVED
 CVE-2010-4243 [linux: mem allocated invisible to oom_kill() when not attached
to any threads]
@@ -709,9 +711,6 @@
 CVE-2010-4221 (Multiple stack-based buffer overflows in the
pr_netio_telnet_gets ...)
 	- proftpd-dfsg 1.3.3a-5 (bug #603511; bug #602279)
 	[lenny] - proftpd-dfsg <not-affected> (Introduced in 1.3.2rc3)
-CVE-2010-XXXX [pootle XSS vulnerability via ''match_names'']
-	- pootle 2.0.5-0.3 (low; bug #604060)
-	[lenny] - pootle <not-affected> (Vulnerable code not present)
 CVE-2010-4220 (Cross-site scripting (XSS) vulnerability in the Integrated
Solution ...)
 	NOT-FOR-US: IBM WebSphere
 CVE-2010-4219 (Cross-site scripting (XSS) vulnerability in
SemanticTagService.js in ...)
@@ -841,7 +840,7 @@
 CVE-2010-4170 (The staprun runtime tool in SystemTap 1.3 does not properly
clear the ...)
 	- systemtap 1.2-3 (bug #603946)
 CVE-2010-4169 (Use-after-free vulnerability in mm/mprotect.c in the Linux
kernel ...)
-	- linux-2.6 <unfixed>
+	- linux-2.6 2.6.32-29
 CVE-2010-4168 (Multiple use-after-free vulnerabilities in OpenTTD 1.0.x before
1.0.5 ...)
 	- openttd 1.0.4-3 (bug #603752)
 	[lenny] - openttd <not-affected> (Introduced in 1.0)
@@ -858,8 +857,10 @@
 	- linux-2.6 2.6.32-28
 CVE-2010-4163
 	RESERVED
+	- linux-2.6 2.6.32-29
 CVE-2010-4162
 	RESERVED
+	- linux-2.6 2.6.32-29
 CVE-2010-4161 [linux deadlock]
 	RESERVED
 	- linux-2.6 <undetermined>
@@ -1513,7 +1514,7 @@
 	NOT-FOR-US: CMS Made Simple
 CVE-2010-3881
 	RESERVED
-	- linux-2.6 <unfixed> (low)
+	- linux-2.6 2.6.32-29 (low)
 CVE-2010-3880
 	RESERVED
 	{DSA-2126-1}

Secure testing commits - Dec 2010 - r15669 - data/CVE

[Secure-testing-commits] r15669 - data/CVE