Author: jmm Date: 2011-04-06 12:47:42 +0000 (Wed, 06 Apr 2011) New Revision: 16482 Modified: data/CVE/list Log: - feedparser, htmlpurifier fixed - new xen issue Modified: data/CVE/list ==================================================================--- data/CVE/list 2011-04-05 23:15:36 UTC (rev 16481) +++ data/CVE/list 2011-04-06 12:47:42 UTC (rev 16482) @@ -98,7 +98,7 @@ TODO: check NOTE: http://bugs.python.org/issue11662 CVE-2011-XXXX [htmlpurifier various] - - php-htmlpurifier <unfixed> + - php-htmlpurifier 4.3.0+dfsg1-1 - mahara 1.2.5-1 NOTE: Mahara switched to system-wide copy in 1.2.5, so Lenny still affected NOTE: http://htmlpurifier.org/news/2011/0327-4.3.0-released @@ -1018,6 +1018,8 @@ - tiff 3.9.4-9 (bug #619614) CVE-2011-1166 RESERVED + - xen 4.1.0-1 + - xen-3 <removed> CVE-2011-1165 RESERVED CVE-2011-1164 @@ -1035,19 +1037,19 @@ RESERVED CVE-2011-1158 [sanitizer doesn''t strip unsafe URI schemes] RESERVED - - feedparser <unfixed> (low; bug #617998) + - feedparser 5.0.1-1 (low; bug #617998) [squeeze] - feedparser <no-dsa> (Minor issue) [lenny] - feedparser <no-dsa> (Minor issue) NOTE: https://code.google.com/p/feedparser/issues/detail?id=255 CVE-2011-1157 [sanitization can be bypassed by malformed XML comments] RESERVED - - feedparser <unfixed> (low; bug #617998) + - feedparser 5.0.1-1 (low; bug #617998) [squeeze] - feedparser <no-dsa> (Minor issue) [lenny] - feedparser <no-dsa> (Minor issue) NOTE: https://code.google.com/p/feedparser/issues/detail?id=254 CVE-2011-1156 [invalid text in XML declaration causes sanitizer to crash] RESERVED - - feedparser <unfixed> (low; bug #617998) + - feedparser 5.0.1-1 (low; bug #617998) [squeeze] - feedparser <no-dsa> (Minor issue) [lenny] - feedparser <no-dsa> (Minor issue) NOTE: https://code.google.com/p/feedparser/issues/detail?id=91