Secure testing commits - Aug 2011 - r17080 - data/CVE

Author: helmut-guest
Date: 2011-08-14 07:27:45 +0000 (Sun, 14 Aug 2011)
New Revision: 17080

Modified:
   data/CVE/list
Log:
NFUs, 2 TODOs recheck

Modified: data/CVE/list
==================================================================---
data/CVE/list	2011-08-12 21:14:23 UTC (rev 17079)
+++ data/CVE/list	2011-08-14 07:27:45 UTC (rev 17080)
@@ -706,6 +706,7 @@
 CVE-2011-2802 (Google V8, as used in Google Chrome before 13.0.782.107, does
not ...)
 	- chromium-browser 13.0.782.107~r94237-1
 	- webkit <undetermined>
+	- libv8 <undetermined>
 CVE-2011-2801 (Use-after-free vulnerability in Google Chrome before
13.0.782.107 ...)
 	- chromium-browser 13.0.782.107~r94237-1
 	- webkit <undetermined>
@@ -1695,9 +1696,9 @@
 CVE-2011-2402 (Cross-site scripting (XSS) vulnerability in HP Network
Automation ...)
 	TODO: check
 CVE-2011-2401 (Session fixation vulnerability in HP SiteScope 9.x, 10.x, and
11.x ...)
-	TODO: check
+	NOT-FOR-US: HP SiteScope
 CVE-2011-2400 (Cross-site scripting (XSS) vulnerability in HP SiteScope 9.x,
10.x, ...)
-	TODO: check
+	NOT-FOR-US: HP SiteScope
 CVE-2011-2399 (Unspecified vulnerability in the Media Management Daemon (mmd)
in HP ...)
 	TODO: check
 CVE-2011-2398 (Unspecified vulnerability in the dynamic loader in HP HP-UX
B.11.11, ...)
@@ -8131,6 +8132,7 @@
 CVE-2011-0216 (Off-by-one error in libxml in Apple Safari before 5.0.6 allows
remote ...)
 	- chromium-browser <undetermined>
 	- webkit <undetermined>
+	TODO: recheck, title says it affects some libxml
 CVE-2011-0215 (ImageIO in Apple Safari before 5.0.6 on Windows does not
properly ...)
 	TODO: check
 CVE-2011-0214 (CFNetwork in Apple Safari before 5.0.6 on Windows does not
properly ...)
@@ -23214,7 +23216,7 @@
 CVE-2009-4140 (Unrestricted file upload vulnerability in ofc_upload_image.php
in Open ...)
 	- piwik <itp> (bug #506933)
 CVE-2009-4139 (Cross-site request forgery (CSRF) vulnerability in the Spacewalk
Java ...)
-	TODO: check
+	NOT-FOR-US: spacewalk-java
 CVE-2009-4138 (drivers/firewire/ohci.c in the Linux kernel before 2.6.32-git9,
when ...)
 	{DSA-2005-1}
 	- linux-2.6 2.6.32-3 (medium)