thr3ads.net - Secure testing commits - [Secure-testing-commits] r16033

If this information is useful, please help other people find it:
Share via:

Moritz Muehlenhoff

2011-Feb-02 20:20 UTC

[Secure-testing-commits] r16033 - data/CVE

Author: jmm
Date: 2011-02-02 20:20:54 +0000 (Wed, 02 Feb 2011)
New Revision: 16033

Modified:
   data/CVE/list
Log:
eclipse no-dsa
update bugzilla status


Modified: data/CVE/list
==================================================================---
data/CVE/list	2011-02-02 20:08:36 UTC (rev 16032)
+++ data/CVE/list	2011-02-02 20:20:54 UTC (rev 16033)
@@ -668,8 +668,9 @@
 	[lenny] - gif2png <no-dsa> (Minor issue)
 	[squeeze] - gif2png <no-dsa> (Minor issue)
 CVE-2008-7271 (Multiple cross-site scripting (XSS) vulnerabilities in the Help
...)
-	- eclipse <unfixed>
-	TODO: check
+	- eclipse <unfixed> (low)
+	[squeeze] - eclipse <no-dsa> (Minor issue)
+	[lenny] - eclipse <no-dsa> (Minor issue)
 CVE-2011-0426
 	RESERVED
 CVE-2011-0445 (The ASN.1 BER dissector in Wireshark 1.4.0 through 1.4.2 allows
remote ...)
@@ -1162,7 +1163,9 @@
 	- linux-2.6 2.6.32-30
 	[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.28)
 CVE-2010-4647 (Multiple cross-site scripting (XSS) vulnerabilities in the Help
...)
-	- eclipse <unfixed>
+	- eclipse <unfixed> (low)
+	[squeeze] - eclipse <no-dsa> (Minor issue)
+	[lenny] - eclipse <no-dsa> (Minor issue)
 CVE-2010-4646 (Cross-site scripting (XSS) vulnerability in Hastymail2 before
1.01 ...)
 	NOT-FOR-US: Hastymail
 CVE-2010-4644 (Multiple memory leaks in rev_hunt.c in Apache Subversion before
1.6.15 ...)
@@ -1754,15 +1757,13 @@
 CVE-2011-0049
 	RESERVED
 CVE-2011-0048 (Bugzilla before 3.2.10, 3.4.x before 3.4.10, 3.6.x before 3.6.4,
and ...)
-	- bugzilla <unfixed>
-	TODO: check
+	- bugzilla <unfixed> (bug #611176)
 	NOTE: http://www.bugzilla.org/security/3.2.9/
 CVE-2011-0047 [mediawiki CSS injection]
 	RESERVED
 	- mediawiki <unfixed> (bug #611787)
 CVE-2011-0046 (Multiple cross-site request forgery (CSRF) vulnerabilities in
Bugzilla ...)
-	- bugzilla <unfixed>
-	TODO: check
+	- bugzilla <unfixed> (bug #611176)
 	NOTE: http://www.bugzilla.org/security/3.2.9/
 CVE-2010-4578 (Google Chrome before 8.0.552.224 and Chrome OS before
8.0.552.343 do ...)
 	- chromium-browser 6.0.472.63~r59945-4
@@ -1799,11 +1800,10 @@
 CVE-2010-4569 (Cross-site scripting (XSS) vulnerability in Bugzilla 3.7.1,
3.7.2, ...)
 	- bugzilla <not-affected> (vulnerable code introduced in 3.7)
 CVE-2010-4568 (Bugzilla 2.14 through 2.22.7; 3.0.x, 3.1.x, and 3.2.x before
3.2.10; ...)
-	- bugzilla <unfixed> (high; bug #611176)
+	- bugzilla <unfixed> (bug #611176)
 	NOTE: http://www.bugzilla.org/security/3.2.9/
 CVE-2010-4567 (Bugzilla before 3.2.10, 3.4.x before 3.4.10, 3.6.x before 3.6.4,
and ...)
-	- bugzilla <unfixed>
-	TODO: check
+	- bugzilla <unfixed> (high; bug #611176)
 	NOTE: http://www.bugzilla.org/security/3.2.9/
 CVE-2010-4566 (Unspecified vulnerability in the NT4 authentication component in
...)
 	NOT-FOR-US: Citrix Acces Gateway

Secure testing commits - Feb 2011 - r16033 - data/CVE

[Secure-testing-commits] r16033 - data/CVE