Author: joeyh Date: 2011-09-23 09:14:17 +0000 (Fri, 23 Sep 2011) New Revision: 17274 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2011-09-23 08:28:27 UTC (rev 17273) +++ data/CVE/list 2011-09-23 09:14:17 UTC (rev 17274) @@ -1055,7 +1055,7 @@ - apache2 2.2.19-2 CVE-2011-3191 RESERVED - {DSA-2303-1} + {DSA-2310-1 DSA-2303-1} - linux-2.6 <unfixed> CVE-2011-3190 (Certain AJP protocol connector implementations in Apache Tomcat 7.0.0 ...) - tomcat6 <unfixed> @@ -1067,7 +1067,7 @@ [lenny] - php5 <not-affected> (Introduced in 5.3.7) CVE-2011-3188 RESERVED - {DSA-2303-1} + {DSA-2310-1 DSA-2303-1} CVE-2011-3187 (The to_s method in ...) TODO: check CVE-2011-3186 (CRLF injection vulnerability in ...) @@ -1739,7 +1739,7 @@ CVE-2011-2929 (The template selection functionality in ...) TODO: check CVE-2011-2928 (The befs_follow_link function in fs/befs/linuxvfs.c in the Linux ...) - {DSA-2303-1} + {DSA-2310-1 DSA-2303-1} - linux-2.6 3.0.0-2 CVE-2011-2927 RESERVED @@ -2803,7 +2803,7 @@ - tomcat5.5 <removed> (bug #634992) CVE-2011-2525 RESERVED - {DSA-2303-1} + {DSA-2310-1 DSA-2303-1} - linux-2.6 2.6.35-1 CVE-2011-2524 (Directory traversal vulnerability in soup-uri.c in SoupServer in ...) - libsoup2.4 2.34.3-1 (bug #635837) @@ -2901,15 +2901,15 @@ [squeeze] - linux-2.6 <not-affected> (introduced in 2.6.36) [lenny] - linux-2.6 <not-affected> (introduced in 2.6.36) CVE-2011-2497 (Integer underflow in the l2cap_config_req function in ...) - {DSA-2303-1} + {DSA-2310-1 DSA-2303-1} - linux-2.6 2.6.39-3 CVE-2011-2496 RESERVED - {DSA-2303-1} + {DSA-2310-1 DSA-2303-1} - linux-2.6 2.6.39-1 (low) CVE-2011-2495 RESERVED - {DSA-2303-1} + {DSA-2310-1 DSA-2303-1} - linux-2.6 3.0.0-1 (low) CVE-2011-2494 RESERVED 
@@ -2920,11 +2920,11 @@ [squeeze] - linux-2.6 <not-affected> (sbi->s_err-report didn''t exist yet) [lenny] - linux-2.6 <not-affected> (sbi->s_err-report didn''t exist yet) CVE-2011-2492 (The bluetooth subsystem in the Linux kernel before 3.0-rc4 does not ...) - {DSA-2303-1} + {DSA-2310-1 DSA-2303-1} - linux-2.6 3.0.0-1 (low) CVE-2011-2491 RESERVED - {DSA-2303-1} + {DSA-2310-1 DSA-2303-1} - linux-2.6 3.0.0-1 CVE-2011-2490 (opielogin.c in opielogin in OPIE 2.4.1-test1 and earlier does not ...) {DSA-2281-1} @@ -2942,7 +2942,7 @@ RESERVED - gdk-pixbuf 2.23.3-3.1 (bug #631524) CVE-2011-2484 (The add_del_listener function in kernel/taskstats.c in the Linux ...) - {DSA-2303-1} + {DSA-2310-1 DSA-2303-1} - linux-2.6 2.6.39-3 (low) CVE-2011-2483 (crypt_blowfish before 1.1, as used in PHP before 5.3.7 on certain ...) - libcrypt-eksblowfish-perl <not-affected> (discovered and corrected in initial release in 2007) @@ -3560,6 +3560,7 @@ CVE-2011-2217 (Certain ActiveX controls in (1) tsgetxu71ex552.dll and (2) ...) NOT-FOR-US: VMware CVE-2011-2213 (The inet_diag_bc_audit function in net/ipv4/inet_diag.c in the Linux ...) + {DSA-2310-1} - linux-2.6 2.6.39-3 CVE-2011-2212 RESERVED @@ -3648,12 +3649,14 @@ NOTE: Support for Alpha was dropped with Squeeze, so marking 2.6.32 as fixed CVE-2011-2209 [Alpha-specific issue] RESERVED + {DSA-2310-1} - linux-2.6 2.6.32-1 CVE-2011-2210 [Alpha-specific issue] RESERVED - linux-2.6 2.6.32-1 CVE-2011-2211 [Alpha-specific issue] RESERVED + {DSA-2310-1} - linux-2.6 2.6.32-1 CVE-2011-2203 [HFS DoS] RESERVED @@ -7116,7 +7119,7 @@ [squeeze] - linux-2.6 <not-affected> (Introduced in 2.6.33) [lenny] - linux-2.6 <not-affected> (Introduced in 2.6.33) CVE-2011-1020 (The proc filesystem implementation in the Linux kernel 2.6.37 and ...) - {DSA-2303-1} + {DSA-2310-1 DSA-2303-1} - linux-2.6 <unfixed> CVE-2011-1019 RESERVED 
@@ -8056,6 +8059,7 @@ [lenny] - wireshark <not-affected> (Vulnerable code not present) NOTE: http://anonsvn.wireshark.org/viewvc?view=rev&revision=35953 CVE-2011-0712 (Multiple buffer overflows in the caiaq Native Instruments USB audio ...) + {DSA-2310-1} - linux-2.6 2.6.37-2 [wheezy] - linux-2.6 2.6.32-31 [squeeze] - linux-2.6 2.6.32-31 @@ -24858,6 +24862,7 @@ RESERVED CVE-2009-4067 RESERVED + {DSA-2310-1} - linux-2.6 2.6.28-1 (low) NOTE: Driver was removed in 2.6.27 CVE-2009-4066 (Multiple cross-site request forgery (CSRF) vulnerabilities in the "My ...)
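Review bot: in the hunk at @@ -3648,12 +3649,14 @@, CVE-2011-2210 is left without a DSA reference, while CVE-2011-2209 and CVE-2011-2211 on either side of it both gain {DSA-2310-1}. All three carry the same [Alpha-specific issue] tag and the same fixed version, linux-2.6 2.6.32-1. Please check the advisory's CVE list to confirm that 2210 is really not covered. If it is covered, add the reference. If it is not, a NOTE line under CVE-2011-2210 saying so would stop the gap from being read as an omission later.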
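Review bot: CVE-2011-3191 (hunk @@ -1055,7 +1055,7 @@) and CVE-2011-1020 (hunk @@ -7116,7 +7119,7 @@) now list a second advisory, {DSA-2310-1 DSA-2303-1}, but their package line still reads "- linux-2.6 <unfixed>". That is consistent if both advisories only fix release branches and the unversioned line tracks unstable. Neither hunk shows a per-release line or a NOTE recording this, though, so the entries read as advised twice and still open. Consider adding the fixed version or a short NOTE for these two entries once the status in unstable is known.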