Author: jmm Date: 2011-10-02 08:30:44 +0000 (Sun, 02 Oct 2011) New Revision: 17352 Modified: data/CVE/list data/next-oldstable-point-update.txt Log: fixes from 5.0.9 Modified: data/CVE/list ==================================================================--- data/CVE/list 2011-10-01 19:29:28 UTC (rev 17351) +++ data/CVE/list 2011-10-02 08:30:44 UTC (rev 17352) @@ -1525,7 +1525,7 @@ NOTE: information as reported by maintainer CVE-2011-3210 (The ephemeral ECDH ciphersuite functionality in OpenSSL 0.9.8 through ...) - openssl 1.0.0e-1 - [lenny] - openssl <no-dsa> (Minor issue) + [lenny] - openssl 0.9.8g-15+lenny13 [squeeze] - openssl <no-dsa> (Minor issue) CVE-2011-3209 RESERVED @@ -2255,7 +2255,7 @@ - typo3-src 4.5.4+dfsg1-1 (bug #635937) CVE-2011-XXXX [atop insecure tempfile handling] - atop 1.23-1.1 (low; bug #622794) - [lenny] - atop <no-dsa> (Minor issue) + [lenny] - atop 1.23-1+lenny1 (bug #622794) [squeeze] - atop <no-dsa> (Minor issue) CVE-2011-2958 (Multiple cross-site scripting (XSS) vulnerabilities in Ecava ...) NOT-FOR-US: Ecava IntegraXor @@ -3502,7 +3502,7 @@ CVE-2011-2510 (Cross-site scripting (XSS) vulnerability in the RSS embedding feature ...) - dokuwiki 0.0.20110525a-1 (low; bug #631818) [squeeze] - dokuwiki <no-dsa> (Minor issue, will be fixed in point update) - [lenny] - dokuwiki <no-dsa> (Minor issue) + [lenny] - dokuwiki 0.0.20080505-4+lenny3 CVE-2011-2509 (Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before ...) - joomla <itp> (bug #571794) CVE-2011-2508 (Directory traversal vulnerability in libraries/display_tbl.lib.php in ...) @@ -5023,7 +5023,7 @@ RESERVED - klibc 1.5.22-1 (low) [squeeze] - klibc 1.5.20-1+squeeze1 - [lenny] - klibc <no-dsa> (Minor issue) + [lenny] - klibc 1.5.12-3 CVE-2011-1929 (lib-mail/message-header-parser.c in Dovecot 1.2.x before 1.2.17 and ...) {DSA-2252-1} - dovecot 1:2.0.13-1 (bug #627443) @@ -5064,7 +5064,7 @@ CVE-2011-1920 (The make include files in NetBSD before 1.6.2, as used in pmake 1.111 ...) - pmake 1.111-3 (low; bug #626673) [squeeze] - pmake <no-dsa> (Minor issue) - [lenny] - pmake <no-dsa> (Minor issue) + [lenny] - pmake 1.111-1+lenny1 CVE-2011-1919 RESERVED CVE-2011-1918 @@ -7587,7 +7587,7 @@ [squeeze] - linux-2.6 2.6.32-31 CVE-2011-1081 (modrdn.c in slapd in OpenLDAP 2.4.x before 2.4.24 allows remote ...) - openldap 2.4.25-1 (low; bug #617606) - [lenny] - openldap <no-dsa> (Minor issue) + [lenny] - openldap 2.4.11-1+lenny2.1 [squeeze] - openldap 2.4.23-7.1 CVE-2011-1080 RESERVED @@ -7623,7 +7623,7 @@ RESERVED - v86d 0.1.10-1 (low; bug #619404) [squeeze] - v86d <no-dsa> (Minor issue) - [lenny] - v86d <no-dsa> (Minor issue) + [lenny] - v86d 0.1.5.2-1+lenny1 CVE-2011-1069 RESERVED CVE-2011-1068 (Microsoft Windows Azure Software Development Kit (SDK) 1.3.x before ...) @@ -7761,7 +7761,7 @@ NOTE: NBD backend disabled in Debian builds CVE-2011-1024 (chain.c in back-ldap in OpenLDAP 2.4.x before 2.4.24, when a ...) - openldap 2.4.25-1 (low; bug #617606) - [lenny] - openldap <no-dsa> (Minor issue) + [lenny] - openldap 2.4.11-1+lenny2.1 [squeeze] - openldap 2.4.23-7.1 CVE-2011-1023 RESERVED @@ -8207,7 +8207,7 @@ CVE-2011-0874 RESERVED CVE-2011-0873 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...) - [lenny] - sun-java6 <no-dsa> (non-free not supported) + [lenny] - sun-java6 6.26-0lenny1 [squeeze] - sun-java6 6.26-0squeeze1 - sun-java6 6.26-1 (bug #629852) - openjdk-6 6b18-1.8.9-0.1 (bug #629852) @@ -8215,7 +8215,7 @@ NOT-FOR-US: OpenJDK on Microsoft Windows CVE-2011-0871 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...) {DSA-2311-1} - [lenny] - sun-java6 <no-dsa> (non-free not supported) + [lenny] - sun-java6 6.26-0lenny1 [squeeze] - sun-java6 6.26-0squeeze1 - sun-java6 6.26-1 (bug #629852) - openjdk-6 6b18-1.8.9-0.1 (bug #629852) @@ -8223,19 +8223,19 @@ NOT-FOR-US: Oracle Database Server CVE-2011-0869 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...) {DSA-2311-1} - [lenny] - sun-java6 <no-dsa> (non-free not supported) + [lenny] - sun-java6 6.26-0lenny1 [squeeze] - sun-java6 6.26-0squeeze1 - sun-java6 6.26-1 (bug #629852) - openjdk-6 6b18-1.8.9-0.1 (bug #629852) CVE-2011-0868 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...) {DSA-2311-1} - [lenny] - sun-java6 <no-dsa> (non-free not supported) + [lenny] - sun-java6 6.26-0lenny1 [squeeze] - sun-java6 6.26-0squeeze1 - sun-java6 6.26-1 (bug #629852) - openjdk-6 6b18-1.8.9-0.1 (bug #629852) CVE-2011-0867 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...) {DSA-2311-1} - [lenny] - sun-java6 <no-dsa> (non-free not supported) + [lenny] - sun-java6 6.26-0lenny1 [squeeze] - sun-java6 6.26-0squeeze1 - sun-java6 6.26-1 (bug #629852) - openjdk-6 6b18-1.8.9-0.1 (bug #629852) @@ -8243,24 +8243,24 @@ NOT-FOR-US: Java on Windows CVE-2011-0865 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...) {DSA-2311-1} - [lenny] - sun-java6 <no-dsa> (non-free not supported) + [lenny] - sun-java6 6.26-0lenny1 [squeeze] - sun-java6 6.26-0squeeze1 - sun-java6 6.26-1 (bug #629852) - sun-java6 6.26-1 (bug #629852) - openjdk-6 6b18-1.8.9-0.1 (bug #629852) CVE-2011-0864 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...) {DSA-2311-1} - [lenny] - sun-java6 <no-dsa> (non-free not supported) + [lenny] - sun-java6 6.26-0lenny1 [squeeze] - sun-java6 6.26-0squeeze1 - sun-java6 6.26-1 (bug #629852) - openjdk-6 6b18-1.8.9-0.1 (bug #629852) CVE-2011-0863 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...) - [lenny] - sun-java6 <no-dsa> (non-free not supported) + [lenny] - sun-java6 6.26-0lenny1 [squeeze] - sun-java6 6.26-0squeeze1 - sun-java6 6.26-1 (bug #629852) CVE-2011-0862 (Multiple unspecified vulnerabilities in the Java Runtime Environment ...) {DSA-2311-1} - [lenny] - sun-java6 <no-dsa> (non-free not supported) + [lenny] - sun-java6 6.26-0lenny1 [squeeze] - sun-java6 6.26-0squeeze1 - sun-java6 6.26-1 (bug #629852) - openjdk-6 6b18-1.8.9-0.1 (bug #629852) @@ -8359,7 +8359,7 @@ CVE-2011-0815 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...) NOT-FOR-US: Java on Windows CVE-2011-0814 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...) - [lenny] - sun-java6 <no-dsa> (non-free not supported) + [lenny] - sun-java6 6.26-0lenny1 [squeeze] - sun-java6 6.26-0squeeze1 - sun-java6 6.26-1 (bug #629852) CVE-2011-0813 (Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express ...) @@ -8385,7 +8385,7 @@ CVE-2011-0803 (Unspecified vulnerability in the JD Edwards EnterpriseOne Tools ...) NOT-FOR-US: Oracle JD Edwards Products CVE-2011-0802 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...) - [lenny] - sun-java6 <no-dsa> (non-free not supported) + [lenny] - sun-java6 6.26-0lenny1 [squeeze] - sun-java6 6.26-0squeeze1 - sun-java6 6.26-1 (bug #629852) CVE-2011-0801 (Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows ...) @@ -8485,15 +8485,15 @@ RESERVED - tesseract 2.04-2.1 (low; bug #612032) [squeeze] - tesseract <no-dsa> (Minor issue) - [lenny] - tesseract <no-dsa> (Minor issue) + [lenny] - tesseract 2.03-2+lenny1 (bug #612032) CVE-2011-XXXX [conky tempfile] - conky 1.8.0-1.1 (low; bug #612033) [squeeze] - conky <no-dsa> (Minor issue) - [lenny] - conky <no-dsa> (Minor issue) + [lenny] - conky 1.6.0-2+lenny1 CVE-2011-XXXX [aptitude tempfile] - aptitude 0.6.3-4 (low; bug #612034) [squeeze] - aptitude <no-dsa> (Minor issue) - [lenny] - aptitude <no-dsa> (Minor issue) + [lenny] - aptitude 0.4.11.11-1~lenny2 (bug #612034) CVE-2011-0775 (pivotx/modules/module_image.php in PivotX 2.2.2 allows remote ...) NOT-FOR-US: PivotX CVE-2011-0774 (PivotX before 2.2.2 allows remote attackers to obtain sensitive ...) @@ -8615,7 +8615,7 @@ CVE-2011-0740 (Cross-site scripting (XSS) vulnerability in ...) - magpierss 0.72-10 (low; bug #611940) [squeeze] - magpierss 0.72-8+squeeze1 - [lenny] - magpierss <no-dsa> (Minor issue) + [lenny] - magpierss 0.72-5+lenny1 CVE-2011-0739 (The deliver function in the sendmail delivery agent ...) NOT-FOR-US: Ruby mail gem CVE-2011-0738 (MyProxy 5.0 through 5.2, as used in Globus Toolkit 5.0.0 through ...) @@ -9468,7 +9468,7 @@ - evince 2.32.0-1 (bug #614668) - vftool 2.0alpha-4.1 (low; bug #614669) [squeeze] - vftool <no-dsa> (Minor issue) - [lenny] - vftool <no-dsa> (Minor issue) + [lenny] - vftool 2.0alpha-3+lenny1 NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=640923 CVE-2011-0432 (Multiple SQL injection vulnerabilities in the get_userinfo method in ...) {DSA-2177-1} Modified: data/next-oldstable-point-update.txt ==================================================================--- data/next-oldstable-point-update.txt 2011-10-01 19:29:28 UTC (rev 17351) +++ data/next-oldstable-point-update.txt 2011-10-02 08:30:44 UTC (rev 17352) @@ -1,61 +1,8 @@ -CVE-2011-0433 - [lenny] - vftool 2.0alpha-3+lenny1 CVE-2010-4005 [lenny] - tomboy 0.10.2-1+lenny1 -CVE-2011-0047 - [lenny] - mediawiki 1:1.12.0-2lenny8 CVE-2011-0009 [lenny] - request-tracker3.6 3.6.7-5+lenny5 -CVE-2011-0740 - [lenny] - magpierss 0.72-5+lenny1 -CVE-2011-1930 - [lenny] - klibc 1.5.12-3 -CVE-2011-0862 - [lenny] - sun-java6 6.26-0lenny1 -CVE-2011-0873 - [lenny] - sun-java6 6.26-0lenny1 -CVE-2011-0815 - [lenny] - sun-java6 6.26-0lenny1 -CVE-2011-0817 - [lenny] - sun-java6 6.26-0lenny1 -CVE-2011-0863 - [lenny] - sun-java6 6.26-0lenny1 -CVE-2011-0864 - [lenny] - sun-java6 6.26-0lenny1 -CVE-2011-0802 - [lenny] - sun-java6 6.26-0lenny1 -CVE-2011-0814 - [lenny] - sun-java6 6.26-0lenny1 -CVE-2011-0871 - [lenny] - sun-java6 6.26-0lenny1 -CVE-2011-0786 - [lenny] - sun-java6 6.26-0lenny1 -CVE-2011-0788 - [lenny] - sun-java6 6.26-0lenny1 -CVE-2011-0866 - [lenny] - sun-java6 6.26-0lenny1 -CVE-2011-0868 - [lenny] - sun-java6 6.26-0lenny1 -CVE-2011-0872 - [lenny] - sun-java6 6.26-0lenny1 -CVE-2011-0867 - [lenny] - sun-java6 6.26-0lenny1 -CVE-2011-0869 - [lenny] - sun-java6 6.26-0lenny1 -CVE-2011-0865 - [lenny] - sun-java6 6.26-0lenny1 -CVE-2011-1136 - [lenny] - tesseract 2.03-2+lenny1 (bug #612032) CVE-2011-XXXX [lenny] - 1.6.0-2+lenny1 -CVE-2011-1920 - [lenny] - 1.111-1+lenny1 -CVE-2011-XXXX - [lenny] - aptitude 0.4.11.11-1~lenny2 (bug #612034) -CVE-2011-XXXX - [lenny] - atop 1.23-1+lenny1 (bug #622794) -CVE-2011-1070 - RESERVED - [lenny] - v86d 0.1.5.2-1+lenny1