Author: nion Date: 2011-09-08 22:14:01 +0000 (Thu, 08 Sep 2011) New Revision: 17196 Modified: data/CVE/list Log: - NFUs - new rsyslog issue (CVE-2011-3200) fixed in 5.8.5-1 Modified: data/CVE/list ==================================================================--- data/CVE/list 2011-09-08 21:56:47 UTC (rev 17195) +++ data/CVE/list 2011-09-08 22:14:01 UTC (rev 17196) @@ -1,5 +1,5 @@ CVE-2011-3390 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...) - TODO: check + NOT-FOR-US: IBM OpenAdmin Too CVE-2010-4833 (Untrusted search path vulnerability in ...) TODO: check CVE-2011-XXXX [mantis multiple issues] @@ -13,15 +13,15 @@ [squeeze] - masqmail <no-dsa> (no security issue by itself) NOTE: CVE id requested CVE-2011-3389 (Unspecified vulnerability in Opera before 11.51 has unknown attack ...) - TODO: check + NOT-FOR-US: Opera CVE-2011-3388 (Opera before 11.51 allows remote attackers to cause an insecure site ...) - TODO: check + NOT-FOR-US: Opera CVE-2011-3387 (The class file parser in IBM Java 1.4.2 SR13 FP9 allows remote ...) - TODO: check + NOT-FOR-US: IBM Java CVE-2011-3386 (Unspecified vulnerability in Medtronic Paradigm wireless insulin pump ...) - TODO: check + NOT-FOR-US: Medtronic Paradigm wireless insulin pump CVE-2011-3385 (Cross-site scripting (XSS) vulnerability in WebsiteBaker before 2.8, ...) - TODO: check + NOT-FOR-US: WebsiteBaker CVE-2011-3384 RESERVED CVE-2011-3383 @@ -442,7 +442,8 @@ CVE-2011-3201 RESERVED CVE-2011-3200 (Stack-based buffer overflow in the parseLegacySyslogMsg function in ...) - TODO: check + - rsyslog 5.8.5-1 + NOTE: off-by-one/-two limited to 0 or :0 CVE-2011-3199 RESERVED - dtc 0.34.1-1 (bug #637584)