Author: jmm Date: 2011-06-21 16:12:40 +0000 (Tue, 21 Jun 2011) New Revision: 16828 Modified: data/CVE/list Log: - new rampart issue (front desk, please create ticket/file bug) - one issue was splitt off of CVE-2010-4251 and is now tracked as CVE-2010-4805 Modified: data/CVE/list ==================================================================--- data/CVE/list 2011-06-21 16:12:07 UTC (rev 16827) +++ data/CVE/list 2011-06-21 16:12:40 UTC (rev 16828) @@ -372,7 +372,7 @@ CVE-2011-2333 RESERVED CVE-2011-2329 (The rampart_timestamp_token_validate function in ...) - TODO: check + - rampart <unfixed> CVE-2011-2327 RESERVED CVE-2011-2326 @@ -642,7 +642,7 @@ CVE-2011-2166 (script-login in Dovecot 2.0.x before 2.0.13 does not follow the user ...) TODO: check CVE-2010-4805 (The socket implementation in net/core/sock.c in the Linux kernel ...) - TODO: check + - linux-2.6 2.6.34-1 CVE-2009-5077 (CRE Loaded before 6.2.14 allows remote attackers to bypass ...) TODO: check CVE-2009-5076 (CRE Loaded before 6.2.14, and possibly other versions before 6.3.x, ...) @@ -4530,8 +4530,8 @@ CVE-2011-0868 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...) [lenny] - sun-java6 <no-dsa> (non-free not supported) [squeeze] - sun-java6 <no-dsa> (non-free not supported) - - sun-java6 <undetermined> - - openjdk-6 <undetermined> + - sun-java6 6.26-1 (bug #629852) + - openjdk-6 <undetermined> (bug #629852) CVE-2011-0867 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...) [lenny] - sun-java6 <no-dsa> (non-free not supported) [squeeze] - sun-java6 <no-dsa> (non-free not supported) @@ -8207,7 +8207,7 @@ - openssl <not-affected> (configured with -DOPENSSL_NO_JPAKE; bug #606902) NOTE: http://www.openssl.org/news/secadv_20101202.txt CVE-2010-4251 (The socket implementation in net/core/sock.c in the Linux kernel ...) - - linux-2.6 <not-affected> (introduced after 2.6.32; fixed in 2.6.37) + - linux-2.6 2.6.35-1 CVE-2010-4250 [linux inotify memory leak] RESERVED - linux-2.6 2.6.37-1