Author: jmm Date: 2011-06-29 18:00:35 +0000 (Wed, 29 Jun 2011) New Revision: 16860 Modified: data/CVE/list Log: new kernel issue dokuwiki fixed, fixup description asterisk fixed, fixup severity kfreebsd fixed, icedove fixed Modified: data/CVE/list ==================================================================--- data/CVE/list 2011-06-29 17:58:07 UTC (rev 16859) +++ data/CVE/list 2011-06-29 18:00:35 UTC (rev 16860) @@ -1,7 +1,7 @@ CVE-2011-XXXX [pyro: pidfile in /tmp, opened insecurely] - pyro <unfixed> (bug #631912) CVE-2011-2534 (Buffer overflow in the clusterip_proc_write function in ...) - TODO: check + - linux-2.6 2.6.39-1 (low) CVE-2011-2533 (The configure script in D-Bus (aka DBus) 1.2.x before 1.2.28 allows ...) TODO: check CVE-2011-2532 (The json.decode function in util/json.lua in Prosody 0.8.x before ...) @@ -10,25 +10,23 @@ TODO: check CVE-2011-2530 (Buffer overflow in RSEds.dll in RSHWare.exe in the EDS Hardware ...) TODO: check -CVE-2011-XXXX [dokuwiki ACL bypass] - - dokuwiki <unfixed> (low; bug #631818) +CVE-2011-XXXX [dokuwiki XSS in RSS code] + - dokuwiki 0.0.20110525a-1 (low; bug #631818) [squeeze] - dokuwiki <no-dsa> (Minor issue) [lenny] - dokuwiki <no-dsa> (Minor issue) + NOTE: CVE Id requested CVE-2011-XXXX [asterisk: AST-2011-009 - crash on malformed SIP packet] - - asterisk <unfixed> (bug #631445) + - asterisk 1:1.8.4.3-1 (bug #631445) [squeeze] - asterisk <not-affected> [lenny] - asterisk <not-affected> CVE-2011-2535 [asterisk: AST-2011-010 - crash due to using remote pointers] RESERVED - - asterisk <unfixed> (bug #631448) + - asterisk 1:1.8.4.3-1 (bug #631448) [squeeze] - asterisk <not-affected> [lenny] - asterisk <not-affected> CVE-2011-2529 [asterisk: AST-2011-008 - remote unauthenticated, null character] RESERVED - - asterisk <unfixed> (unimportant; bug #631446) - [squeeze] - asterisk <no-dsa> (DoS issue) - [lenny] - asterisk <not-affected> - NOTE: DoS + - asterisk 1:1.8.4.3-1 (bug #631446) CVE-2011-2528 RESERVED CVE-2011-2527 @@ -143,8 +141,8 @@ RESERVED CVE-2011-2480 [kfreebsd info disclosure] RESERVED - - kfreebsd-9 <unfixed> (bug #631160) - - kfreebsd-8 <unfixed> (bug #631161) + - kfreebsd-9 9.0~svn223502-1 (bug #631160) + - kfreebsd-8 8.2-3 (bug #631161) - kfreebsd-7 <removed> CVE-2011-2479 RESERVED @@ -338,7 +336,7 @@ [lenny] - iceweasel <not-affected> (Lenny''s iceweasel uses Xulrunner from the xulrunner source pkg) - iceape <unfixed> [lenny] - iceape <not-affected> (Only a stub package) - - icedove <unfixed> + - icedove 3.1.11-1 CVE-2011-2376 RESERVED - xulrunner <removed> @@ -346,7 +344,7 @@ [lenny] - iceweasel <not-affected> (Lenny''s iceweasel uses Xulrunner from the xulrunner source pkg) - iceape <unfixed> [lenny] - iceape <not-affected> (Only a stub package) - - icedove <unfixed> + - icedove 3.1.11-1 CVE-2011-2375 RESERVED - xulrunner <not-affected> (Only affects Firefox 5.0, not yet in unstable) @@ -358,7 +356,7 @@ [lenny] - iceweasel <not-affected> (Lenny''s iceweasel uses Xulrunner from the xulrunner source pkg) - iceape <unfixed> [lenny] - iceape <not-affected> (Only a stub package) - - icedove <unfixed> + - icedove 3.1.11-1 CVE-2011-2373 RESERVED - xulrunner <removed> @@ -366,7 +364,7 @@ [lenny] - iceweasel <not-affected> (Lenny''s iceweasel uses Xulrunner from the xulrunner source pkg) - iceape <unfixed> [lenny] - iceape <not-affected> (Only a stub package) - - icedove <unfixed> + - icedove 3.1.11-1 CVE-2011-2372 RESERVED CVE-2011-2371 @@ -376,7 +374,7 @@ [lenny] - iceweasel <not-affected> (Lenny''s iceweasel uses Xulrunner from the xulrunner source pkg) - iceape <unfixed> [lenny] - iceape <not-affected> (Only a stub package) - - icedove <unfixed> + - icedove 3.1.11-1 CVE-2011-2370 RESERVED - xulrunner <removed> @@ -408,7 +406,7 @@ [lenny] - iceweasel <not-affected> (Lenny''s iceweasel uses Xulrunner from the xulrunner source pkg) - iceape <unfixed> [lenny] - iceape <not-affected> (Only a stub package) - - icedove <unfixed> + - icedove 3.1.11-1 CVE-2011-2364 RESERVED - xulrunner <removed> @@ -416,7 +414,7 @@ [lenny] - iceweasel <not-affected> (Lenny''s iceweasel uses Xulrunner from the xulrunner source pkg) - iceape <unfixed> [lenny] - iceape <not-affected> (Only a stub package) - - icedove <unfixed> + - icedove 3.1.11-1 CVE-2011-2363 RESERVED CVE-2011-2362