Author: jmm Date: 2011-01-25 17:46:59 +0000 (Tue, 25 Jan 2011) New Revision: 15960 Modified: data/CVE/list Log: update not-affected status of syslog-ng remove TODOs from linux-2.6 entries, handled via kernel-sec Modified: data/CVE/list ==================================================================--- data/CVE/list 2011-01-25 17:41:23 UTC (rev 15959) +++ data/CVE/list 2011-01-25 17:46:59 UTC (rev 15960) @@ -245,7 +245,6 @@ CVE-2011-0521 [av7110 negative array offset] RESERVED - linux-2.6 <unfixed> - TODO: check CVE-2011-0519 (SQL injection vulnerability in gallery.php in Gallarific PHP Photo ...) NOT-FOR-US: Gallarific CVE-2011-0518 (Directory traversal vulnerability in core/lib/router.php in LotusCMS ...) @@ -861,7 +860,7 @@ CVE-2011-0343 [syslog-ng log permissions] RESERVED - syslog-ng 3.1.3-2 (bug #608491) - [lenny] - syslog-ng <not-affected> (Freebsd-specific, which is not supported in Lenny) + [lenny] - syslog-ng <not-affected> (2.0 not affected, also Freebsd-specific, which is not supported in Lenny anyway) CVE-2010-XXXX [XSS in ftpls] - ftpcopy <unfixed> (bug #607494) [squeeze] - ftpcopy <no-dsa> (Minor issue) @@ -904,11 +903,9 @@ CVE-2010-4656 [iowarrior usb device heap overflow] RESERVED - linux-2.6 <unfixed> - TODO: check CVE-2010-4655 [heap contents leak for CAP_NET_ADMIN via ethtool ioctl] RESERVED - linux-2.6 <unfixed> - TODO: check CVE-2010-4654 RESERVED - kdegraphics 4.0