thr3ads.net - Secure testing commits - [Secure-testing-commits] r15698

If this information is useful, please help other people find it:
Share via:
Joey Hess
2010-Dec-13 21:14 UTC
[Secure-testing-commits] r15698 - data/CVE

Author: joeyh
Date: 2010-12-13 21:14:35 +0000 (Mon, 13 Dec 2010)
New Revision: 15698

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
==================================================================---
data/CVE/list	2010-12-13 20:34:14 UTC (rev 15697)
+++ data/CVE/list	2010-12-13 21:14:35 UTC (rev 15698)
@@ -1,3 +1,43 @@
+CVE-2011-0045
+	RESERVED
+CVE-2011-0044
+	RESERVED
+CVE-2011-0043
+	RESERVED
+CVE-2011-0042
+	RESERVED
+CVE-2011-0041
+	RESERVED
+CVE-2011-0040
+	RESERVED
+CVE-2011-0039
+	RESERVED
+CVE-2011-0038
+	RESERVED
+CVE-2011-0037
+	RESERVED
+CVE-2011-0036
+	RESERVED
+CVE-2011-0035
+	RESERVED
+CVE-2011-0034
+	RESERVED
+CVE-2011-0033
+	RESERVED
+CVE-2011-0032
+	RESERVED
+CVE-2011-0031
+	RESERVED
+CVE-2011-0030
+	RESERVED
+CVE-2011-0029
+	RESERVED
+CVE-2011-0028
+	RESERVED
+CVE-2011-0027
+	RESERVED
+CVE-2011-0026
+	RESERVED
 CVE-2010-XXXX [ircd-ratbox password disclosure?]
 	- ircd-ratbox 3.0.6.dfsg-2
 	TODO: check
@@ -1045,8 +1085,7 @@
 CVE-2010-4158
 	RESERVED
 	- linux-2.6 2.6.32-29 (low)
-CVE-2010-4157
-	RESERVED
+CVE-2010-4157 (Integer overflow in the ioc_general function in
drivers/scsi/gdth.c in ...)
 	- linux-2.6 2.6.32-28 (low)
 CVE-2010-4149 (Directory traversal vulnerability in FreshWebMaster Fresh FTP
5.36, ...)
 	NOT-FOR-US: FreshWebMaster Fresh FTP
@@ -1581,10 +1620,10 @@
 	TODO: check
 CVE-2010-3920 (The Seiko Epson printer driver installers for LP-S9000 before
4.1.11 ...)
 	TODO: check
-CVE-2010-3919
-	RESERVED
-CVE-2010-3918
-	RESERVED
+CVE-2010-3919 (Fenrir Grani 4.5 and earlier does not prevent interaction
between web ...)
+	TODO: check
+CVE-2010-3918 (Fenrir Sleipnir 2.9.6 and earlier does not prevent interaction
between ...)
+	TODO: check
 CVE-2010-3917
 	RESERVED
 CVE-2010-3916 (Unspecified vulnerability in JustSystems Ichitaro and Ichitaro
...)
@@ -1663,8 +1702,7 @@
 CVE-2010-3881
 	RESERVED
 	- linux-2.6 2.6.32-29 (low)
-CVE-2010-3880
-	RESERVED
+CVE-2010-3880 (net/ipv4/inet_diag.c in the Linux kernel before 2.6.37-rc2 does
not ...)
 	{DSA-2126-1}
 	- linux-2.6 <unfixed> (low)
 CVE-2010-3879
@@ -1717,8 +1755,7 @@
 	NOT-FOR-US: Apache Shiro / JSecurity
 CVE-2010-3862
 	RESERVED
-CVE-2010-3861
-	RESERVED
+CVE-2010-3861 (The ethtool_get_rxnfc function in net/core/ethtool.c in the
Linux ...)
 	- linux-2.6 2.6.32-29
 	[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.27)
 CVE-2010-3860 (IcedTea before 1.9.2, as based on OpenJDK 6, declares multiple
...)
@@ -1965,8 +2002,7 @@
 CVE-2010-3779 (Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.beta2 grants
the ...)
 	- dovecot 1:1.2.15-1 (bug #599521)
 	[lenny] - dovecot <not-affected> (Only affects 1.2.x)
-CVE-2010-3778
-	RESERVED
+CVE-2010-3778 (Unspecified vulnerability in Mozilla Firefox 3.5.x before
3.5.16, ...)
 	{DSA-2132-1}
 	- xulrunner <removed>
 	- icedove 3.0.11-1
@@ -1974,10 +2010,9 @@
 	[lenny] - iceweasel <not-affected> (Lenny''s iceweasel uses
Xulrunner from the xulrunner source pkg)
 	- iceape 2.0.11-1
 	[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2010-3777
-	RESERVED
-CVE-2010-3776
-	RESERVED
+CVE-2010-3777 (Unspecified vulnerability in Mozilla Firefox 3.6.x before 3.6.13
and ...)
+	TODO: check
+CVE-2010-3776 (Multiple unspecified vulnerabilities in the browser engine in
Mozilla ...)
 	{DSA-2132-1}
 	- xulrunner <removed>
 	- iceweasel 3.5.16-1
@@ -1985,56 +2020,49 @@
 	[lenny] - iceweasel <not-affected> (Lenny''s iceweasel uses
Xulrunner from the xulrunner source pkg)
 	- iceape 2.0.11-1
 	[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2010-3775
-	RESERVED
+CVE-2010-3775 (Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and
SeaMonkey ...)
 	{DSA-2132-1}
 	- xulrunner <removed>
 	- iceweasel 3.5.16-1
 	[lenny] - iceweasel <not-affected> (Lenny''s iceweasel uses
Xulrunner from the xulrunner source pkg)
 	- iceape 2.0.11-1
 	[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2010-3774
-	RESERVED
+CVE-2010-3774 (The NS_SecurityCompareURIs function in
netwerk/base/public/nsNetUtil.h ...)
 	- xulrunner <removed>
 	- iceweasel 3.5.16-1
 	[lenny] - iceweasel <not-affected> (Lenny''s iceweasel uses
Xulrunner from the xulrunner source pkg)
 	- iceape 2.0.11-1
 	[lenny] - iceape <not-affected> (Only a stub package)
 	[lenny] - xulrunner <not-affected> (Doesn''t affect 1.9.0)
-CVE-2010-3773
-	RESERVED
+CVE-2010-3773 (Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and
SeaMonkey ...)
 	{DSA-2132-1}
 	- xulrunner <removed>
 	- iceweasel 3.5.16-1
 	[lenny] - iceweasel <not-affected> (Lenny''s iceweasel uses
Xulrunner from the xulrunner source pkg)
 	- iceape 2.0.11-1
 	[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2010-3772
-	RESERVED
+CVE-2010-3772 (Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and
SeaMonkey ...)
 	{DSA-2132-1}
 	- xulrunner <removed>
 	- iceweasel 3.5.16-1
 	[lenny] - iceweasel <not-affected> (Lenny''s iceweasel uses
Xulrunner from the xulrunner source pkg)
 	- iceape 2.0.11-1
 	[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2010-3771
-	RESERVED
+CVE-2010-3771 (Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and
SeaMonkey ...)
 	{DSA-2132-1}
 	- xulrunner <removed>
 	- iceweasel 3.5.16-1
 	[lenny] - iceweasel <not-affected> (Lenny''s iceweasel uses
Xulrunner from the xulrunner source pkg)
 	- iceape 2.0.11-1
 	[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2010-3770
-	RESERVED
+CVE-2010-3770 (Multiple cross-site scripting (XSS) vulnerabilities in the
rendering ...)
 	{DSA-2132-1}
 	- xulrunner <removed>
 	- iceweasel 3.5.16-1
 	[lenny] - iceweasel <not-affected> (Lenny''s iceweasel uses
Xulrunner from the xulrunner source pkg)
 	- iceape 2.0.11-1
 	[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2010-3769
-	RESERVED
+CVE-2010-3769 (The line-breaking implementation in Mozilla Firefox before
3.5.16 and ...)
 	{DSA-2132-1}
 	- xulrunner <removed>
 	- icedove 3.0.11-1
@@ -2043,24 +2071,21 @@
 	- iceape 2.0.11-1
 	[lenny] - iceape <not-affected> (Only a stub package)
 	[lenny] - xulrunner <not-affected> (font-face support introduced in
1.9.1)
-CVE-2010-3768
-	RESERVED
+CVE-2010-3768 (Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13,
Thunderbird ...)
 	- xulrunner <removed>
 	- icedove 3.0.11-1
 	- iceweasel 3.5.16-1
 	[lenny] - iceweasel <not-affected> (Lenny''s iceweasel uses
Xulrunner from the xulrunner source pkg)
 	- iceape 2.0.11-1
 	[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2010-3767
-	RESERVED
+CVE-2010-3767 (Integer overflow in the NewIdArray function in Mozilla Firefox
before ...)
 	{DSA-2132-1}
 	- xulrunner <removed>
 	- iceweasel 3.5.16-1
 	[lenny] - iceweasel <not-affected> (Lenny''s iceweasel uses
Xulrunner from the xulrunner source pkg)
 	- iceape 2.0.11-1
 	[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2010-3766
-	RESERVED
+CVE-2010-3766 (Use-after-free vulnerability in Mozilla Firefox before 3.5.16
and ...)
 	- xulrunner <removed>
 	- iceweasel 3.5.16-1
 	[lenny] - iceweasel <not-affected> (Lenny''s iceweasel uses
Xulrunner from the xulrunner source pkg)
Secure testing commits - Dec 2010 - r15698 - data/CVE

[Secure-testing-commits] r15698 - data/CVE
