Author: jmm Date: 2011-09-01 15:34:54 +0000 (Thu, 01 Sep 2011) New Revision: 17156 Modified: data/CVE/list Log: new xen issues (fixed in sid) new ecryptfs-utils issues (needs bug/ticket) Modified: data/CVE/list ==================================================================--- data/CVE/list 2011-09-01 13:26:51 UTC (rev 17155) +++ data/CVE/list 2011-09-01 15:34:54 UTC (rev 17156) @@ -169,7 +169,8 @@ CVE-2011-3263 (zabbix_agentd in Zabbix before 1.8.6 and 1.9.x before 1.9.4 allows ...) - zabbix 1:1.8.6-1 CVE-2011-3262 (tools/libxc/xc_dom_bzimageloader.c in Xen 3.2, 3.3, 4.0, and 4.1 ...) - TODO: check + - xen 4.1.1-1 + - xen-3 <removed> CVE-2011-3261 RESERVED CVE-2011-3260 @@ -445,6 +446,7 @@ RESERVED CVE-2011-3145 RESERVED + - ecryptfs-utils <unfixed> CVE-2011-3144 (Cross-site scripting (XSS) vulnerability in Control Microsystems ...) NOT-FOR-US: Control Microsystems ClearSCADA CVE-2011-3143 (Use-after-free vulnerability in Control Microsystems ClearSCADA 2005, ...) @@ -3805,18 +3807,25 @@ NOT-FOR-US: TWiki CVE-2011-1837 RESERVED + - ecryptfs-utils <unfixed> CVE-2011-1836 RESERVED + - ecryptfs-utils <unfixed> CVE-2011-1835 RESERVED + - ecryptfs-utils <unfixed> CVE-2011-1834 RESERVED + - ecryptfs-utils <unfixed> CVE-2011-1833 RESERVED + - ecryptfs-utils <unfixed> CVE-2011-1832 RESERVED + - ecryptfs-utils <unfixed> CVE-2011-1831 RESERVED + - ecryptfs-utils <unfixed> CVE-2011-1830 RESERVED CVE-2011-1829 (APT before 0.8.15.2 does not properly validate inline GPG signatures, ...) @@ -4537,7 +4546,8 @@ CVE-2011-1584 (The updateFile function in inc/core/class.dc.media.php in the Media ...) - dotclear <not-affected> (Fixed before initial upload to archive) CVE-2011-1583 (Multiple integer overflows in tools/libxc/xc_dom_bzimageloader.c in ...) - TODO: check + - xen 4.1.1-1 + - xen-3 <removed> CVE-2011-1582 (Apache Tomcat 7.0.12 and 7.0.13 processes the first request to a ...) - tomcat6 <not-affected> (Only affects Tomcat 7) CVE-2011-1581 (The bond_select_queue function in drivers/net/bonding/bond_main.c in ...)