Secure testing commits - Mar 2011 - r16413 - data/CVE

Author: jmm
Date: 2011-03-22 16:02:52 +0000 (Tue, 22 Mar 2011)
New Revision: 16413

Modified:
   data/CVE/list
Log:
- apache-itk CVEfied
- new CVE IDs (several might be unimportant. Raphael, please check)
- new chrome/webkit issue


Modified: data/CVE/list
==================================================================---
data/CVE/list	2011-03-22 08:15:30 UTC (rev 16412)
+++ data/CVE/list	2011-03-22 16:02:52 UTC (rev 16413)
@@ -1,19 +1,20 @@
 CVE-2011-1471 (Integer signedness error in zip_stream.c in the Zip extension in
PHP ...)
-	TODO: check
+	- php5 5.3.6-1
 CVE-2011-1470 (The Zip extension in PHP before 5.3.6 allows context-dependent
...)
-	TODO: check
+	- php5 5.3.6-1
 CVE-2011-1469 (Unspecified vulnerability in the Streams component in PHP before
5.3.6 ...)
-	TODO: check
+	- php5 5.3.6-1
 CVE-2011-1468 (Multiple memory leaks in the OpenSSL extension in PHP before
5.3.6 ...)
-	TODO: check
+	- php5 5.3.6-1
 CVE-2011-1467 (Unspecified vulnerability in the NumberFormatter::setSymbol (aka
...)
-	TODO: check
+	- php5 5.3.6-1
 CVE-2011-1466 (Integer overflow in the SdnToJulian function in the Calendar
extension ...)
-	TODO: check
+	- php5 5.3.6-1
 CVE-2011-1465 (The SPDY implementation in net/http/http_network_transaction.cc
in ...)
-	TODO: check
+	- chromium-browser <undetermined>
+	- webkit <undetermined>
 CVE-2011-1464 (Buffer overflow in the strval function in PHP before 5.3.6, when
the ...)
-	TODO: check
+	- php5 5.3.6-1
 CVE-2011-1463
 	RESERVED
 CVE-2011-1462
@@ -122,10 +123,6 @@
 	TODO: check
 CVE-2008-7275 (Multiple cross-site scripting (XSS) vulnerabilities in Open
Ticket ...)
 	TODO: check
-CVE-2011-XXXX [apache2-mpm-itk config misparsing]
-	- apache2 <unfixed> (bug #618857; medium)
-	[lenny] - apache2 <not-affected> (different source package in lenny:
apache2-mpm-itk)
-	[lenny] - apache2-mpm-itk <not-affected> (bug was introduced later, in
2.2.11-01)
 CVE-2011-1432 (The STARTTLS implementation in SCO SCOoffice Server does not
properly ...)
 	TODO: check
 CVE-2011-1431 (The STARTTLS implementation in qmail-smtpd.c in qmail-smtpd in
the ...)
@@ -718,8 +715,11 @@
 	RESERVED
 CVE-2011-1177
 	RESERVED
-CVE-2011-1176
+CVE-2011-1176 [apache2-mpm-itk config misparsing]
 	RESERVED
+	- apache2 <unfixed> (bug #618857; medium)
+	[lenny] - apache2 <not-affected> (different source package in lenny:
apache2-mpm-itk)
+	[lenny] - apache2-mpm-itk <not-affected> (bug was introduced later, in
2.2.11-01)
 CVE-2011-1175
 	RESERVED
 CVE-2011-1174