Author: jmm
Date: 2011-02-07 08:05:51 +0000 (Mon, 07 Feb 2011)
New Revision: 16075
Modified:
data/CVE/list
Log:
three tomcat issues
Modified: data/CVE/list
==================================================================---
data/CVE/list 2011-02-07 00:31:51 UTC (rev 16074)
+++ data/CVE/list 2011-02-07 08:05:51 UTC (rev 16075)
@@ -593,8 +593,9 @@
RESERVED
CVE-2011-0534 [remote DoS via NIO connector]
RESERVED
+ - tomcat5.5 <not-affected> (Vulnerable code not present)
- tomcat6 <unfixed>
- TODO: check
+ [lenny] - tomcat6 <not-affected> (Only ships the servlet package)
CVE-2011-0533
RESERVED
CVE-2011-0532
@@ -2281,8 +2282,12 @@
- tor 0.2.1.29-1
CVE-2011-0014
RESERVED
-CVE-2011-0013
+CVE-2011-0013 [tomcat HTML manager XSS]
RESERVED
+ - tomcat5.5 <removed> (low)
+ [lenny] - tomcat5.5 <no-dsa> (Minor issue)
+ - tomcat6 <unfixed>
+ [lenny] - tomcat6 <not-affected> (Only ships the servlet package)
CVE-2011-0012
RESERVED
CVE-2011-0011 [qemu-kvm: Setting VNC password to empty string silently disables
all authentication]
@@ -4363,8 +4368,12 @@
RESERVED
CVE-2010-3719 (Eval injection vulnerability in IMAdminSchedTask.asp in the ...)
NOT-FOR-US: Symantec IM Manager
-CVE-2010-3718
+CVE-2010-3718 [security manager permission bypas]
RESERVED
+ - tomcat5.5 <removed> (low)
+ [lenny] - tomcat5.5 <no-dsa> (Minor issue)
+ - tomcat6 <unfixed>
+ [lenny] - tomcat6 <not-affected> (Only ships the servlet package)
CVE-2010-3717 (The t3lib_div::validEmail function in TYPO3 4.2.x before 4.2.15,
4.3.x ...)
{DSA-2121-1}
- typo3-src 4.3.7-1
@@ -13747,7 +13756,6 @@
CVE-2010-0435 (The Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise ...)
{DSA-2153-1}
- linux-2.6 2.6.32-29
- - kvm <removed>
CVE-2010-0434 (The ap_read_request function in server/protocol.c in the Apache
HTTP ...)
{DSA-2035-1}
- apache2 2.2.15-1