Author: jmm
Date: 2011-10-02 08:30:44 +0000 (Sun, 02 Oct 2011)
New Revision: 17352
Modified:
data/CVE/list
data/next-oldstable-point-update.txt
Log:
fixes from 5.0.9
Modified: data/CVE/list
==================================================================---
data/CVE/list 2011-10-01 19:29:28 UTC (rev 17351)
+++ data/CVE/list 2011-10-02 08:30:44 UTC (rev 17352)
@@ -1525,7 +1525,7 @@
NOTE: information as reported by maintainer
CVE-2011-3210 (The ephemeral ECDH ciphersuite functionality in OpenSSL 0.9.8
through ...)
- openssl 1.0.0e-1
- [lenny] - openssl <no-dsa> (Minor issue)
+ [lenny] - openssl 0.9.8g-15+lenny13
[squeeze] - openssl <no-dsa> (Minor issue)
CVE-2011-3209
RESERVED
@@ -2255,7 +2255,7 @@
- typo3-src 4.5.4+dfsg1-1 (bug #635937)
CVE-2011-XXXX [atop insecure tempfile handling]
- atop 1.23-1.1 (low; bug #622794)
- [lenny] - atop <no-dsa> (Minor issue)
+ [lenny] - atop 1.23-1+lenny1 (bug #622794)
[squeeze] - atop <no-dsa> (Minor issue)
CVE-2011-2958 (Multiple cross-site scripting (XSS) vulnerabilities in Ecava
...)
NOT-FOR-US: Ecava IntegraXor
@@ -3502,7 +3502,7 @@
CVE-2011-2510 (Cross-site scripting (XSS) vulnerability in the RSS embedding
feature ...)
- dokuwiki 0.0.20110525a-1 (low; bug #631818)
[squeeze] - dokuwiki <no-dsa> (Minor issue, will be fixed in point
update)
- [lenny] - dokuwiki <no-dsa> (Minor issue)
+ [lenny] - dokuwiki 0.0.20080505-4+lenny3
CVE-2011-2509 (Multiple cross-site scripting (XSS) vulnerabilities in Joomla!
before ...)
- joomla <itp> (bug #571794)
CVE-2011-2508 (Directory traversal vulnerability in
libraries/display_tbl.lib.php in ...)
@@ -5023,7 +5023,7 @@
RESERVED
- klibc 1.5.22-1 (low)
[squeeze] - klibc 1.5.20-1+squeeze1
- [lenny] - klibc <no-dsa> (Minor issue)
+ [lenny] - klibc 1.5.12-3
CVE-2011-1929 (lib-mail/message-header-parser.c in Dovecot 1.2.x before 1.2.17
and ...)
{DSA-2252-1}
- dovecot 1:2.0.13-1 (bug #627443)
@@ -5064,7 +5064,7 @@
CVE-2011-1920 (The make include files in NetBSD before 1.6.2, as used in pmake
1.111 ...)
- pmake 1.111-3 (low; bug #626673)
[squeeze] - pmake <no-dsa> (Minor issue)
- [lenny] - pmake <no-dsa> (Minor issue)
+ [lenny] - pmake 1.111-1+lenny1
CVE-2011-1919
RESERVED
CVE-2011-1918
@@ -7587,7 +7587,7 @@
[squeeze] - linux-2.6 2.6.32-31
CVE-2011-1081 (modrdn.c in slapd in OpenLDAP 2.4.x before 2.4.24 allows remote
...)
- openldap 2.4.25-1 (low; bug #617606)
- [lenny] - openldap <no-dsa> (Minor issue)
+ [lenny] - openldap 2.4.11-1+lenny2.1
[squeeze] - openldap 2.4.23-7.1
CVE-2011-1080
RESERVED
@@ -7623,7 +7623,7 @@
RESERVED
- v86d 0.1.10-1 (low; bug #619404)
[squeeze] - v86d <no-dsa> (Minor issue)
- [lenny] - v86d <no-dsa> (Minor issue)
+ [lenny] - v86d 0.1.5.2-1+lenny1
CVE-2011-1069
RESERVED
CVE-2011-1068 (Microsoft Windows Azure Software Development Kit (SDK) 1.3.x
before ...)
@@ -7761,7 +7761,7 @@
NOTE: NBD backend disabled in Debian builds
CVE-2011-1024 (chain.c in back-ldap in OpenLDAP 2.4.x before 2.4.24, when a
...)
- openldap 2.4.25-1 (low; bug #617606)
- [lenny] - openldap <no-dsa> (Minor issue)
+ [lenny] - openldap 2.4.11-1+lenny2.1
[squeeze] - openldap 2.4.23-7.1
CVE-2011-1023
RESERVED
@@ -8207,7 +8207,7 @@
CVE-2011-0874
RESERVED
CVE-2011-0873 (Unspecified vulnerability in the Java Runtime Environment (JRE)
...)
- [lenny] - sun-java6 <no-dsa> (non-free not supported)
+ [lenny] - sun-java6 6.26-0lenny1
[squeeze] - sun-java6 6.26-0squeeze1
- sun-java6 6.26-1 (bug #629852)
- openjdk-6 6b18-1.8.9-0.1 (bug #629852)
@@ -8215,7 +8215,7 @@
NOT-FOR-US: OpenJDK on Microsoft Windows
CVE-2011-0871 (Unspecified vulnerability in the Java Runtime Environment (JRE)
...)
{DSA-2311-1}
- [lenny] - sun-java6 <no-dsa> (non-free not supported)
+ [lenny] - sun-java6 6.26-0lenny1
[squeeze] - sun-java6 6.26-0squeeze1
- sun-java6 6.26-1 (bug #629852)
- openjdk-6 6b18-1.8.9-0.1 (bug #629852)
@@ -8223,19 +8223,19 @@
NOT-FOR-US: Oracle Database Server
CVE-2011-0869 (Unspecified vulnerability in the Java Runtime Environment (JRE)
...)
{DSA-2311-1}
- [lenny] - sun-java6 <no-dsa> (non-free not supported)
+ [lenny] - sun-java6 6.26-0lenny1
[squeeze] - sun-java6 6.26-0squeeze1
- sun-java6 6.26-1 (bug #629852)
- openjdk-6 6b18-1.8.9-0.1 (bug #629852)
CVE-2011-0868 (Unspecified vulnerability in the Java Runtime Environment (JRE)
...)
{DSA-2311-1}
- [lenny] - sun-java6 <no-dsa> (non-free not supported)
+ [lenny] - sun-java6 6.26-0lenny1
[squeeze] - sun-java6 6.26-0squeeze1
- sun-java6 6.26-1 (bug #629852)
- openjdk-6 6b18-1.8.9-0.1 (bug #629852)
CVE-2011-0867 (Unspecified vulnerability in the Java Runtime Environment (JRE)
...)
{DSA-2311-1}
- [lenny] - sun-java6 <no-dsa> (non-free not supported)
+ [lenny] - sun-java6 6.26-0lenny1
[squeeze] - sun-java6 6.26-0squeeze1
- sun-java6 6.26-1 (bug #629852)
- openjdk-6 6b18-1.8.9-0.1 (bug #629852)
@@ -8243,24 +8243,24 @@
NOT-FOR-US: Java on Windows
CVE-2011-0865 (Unspecified vulnerability in the Java Runtime Environment (JRE)
...)
{DSA-2311-1}
- [lenny] - sun-java6 <no-dsa> (non-free not supported)
+ [lenny] - sun-java6 6.26-0lenny1
[squeeze] - sun-java6 6.26-0squeeze1
- sun-java6 6.26-1 (bug #629852)
- sun-java6 6.26-1 (bug #629852)
- openjdk-6 6b18-1.8.9-0.1 (bug #629852)
CVE-2011-0864 (Unspecified vulnerability in the Java Runtime Environment (JRE)
...)
{DSA-2311-1}
- [lenny] - sun-java6 <no-dsa> (non-free not supported)
+ [lenny] - sun-java6 6.26-0lenny1
[squeeze] - sun-java6 6.26-0squeeze1
- sun-java6 6.26-1 (bug #629852)
- openjdk-6 6b18-1.8.9-0.1 (bug #629852)
CVE-2011-0863 (Unspecified vulnerability in the Java Runtime Environment (JRE)
...)
- [lenny] - sun-java6 <no-dsa> (non-free not supported)
+ [lenny] - sun-java6 6.26-0lenny1
[squeeze] - sun-java6 6.26-0squeeze1
- sun-java6 6.26-1 (bug #629852)
CVE-2011-0862 (Multiple unspecified vulnerabilities in the Java Runtime
Environment ...)
{DSA-2311-1}
- [lenny] - sun-java6 <no-dsa> (non-free not supported)
+ [lenny] - sun-java6 6.26-0lenny1
[squeeze] - sun-java6 6.26-0squeeze1
- sun-java6 6.26-1 (bug #629852)
- openjdk-6 6b18-1.8.9-0.1 (bug #629852)
@@ -8359,7 +8359,7 @@
CVE-2011-0815 (Unspecified vulnerability in the Java Runtime Environment (JRE)
...)
NOT-FOR-US: Java on Windows
CVE-2011-0814 (Unspecified vulnerability in the Java Runtime Environment (JRE)
...)
- [lenny] - sun-java6 <no-dsa> (non-free not supported)
+ [lenny] - sun-java6 6.26-0lenny1
[squeeze] - sun-java6 6.26-0squeeze1
- sun-java6 6.26-1 (bug #629852)
CVE-2011-0813 (Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11
Express ...)
@@ -8385,7 +8385,7 @@
CVE-2011-0803 (Unspecified vulnerability in the JD Edwards EnterpriseOne Tools
...)
NOT-FOR-US: Oracle JD Edwards Products
CVE-2011-0802 (Unspecified vulnerability in the Java Runtime Environment (JRE)
...)
- [lenny] - sun-java6 <no-dsa> (non-free not supported)
+ [lenny] - sun-java6 6.26-0lenny1
[squeeze] - sun-java6 6.26-0squeeze1
- sun-java6 6.26-1 (bug #629852)
CVE-2011-0801 (Unspecified vulnerability in Oracle Solaris 10 and 11 Express
allows ...)
@@ -8485,15 +8485,15 @@
RESERVED
- tesseract 2.04-2.1 (low; bug #612032)
[squeeze] - tesseract <no-dsa> (Minor issue)
- [lenny] - tesseract <no-dsa> (Minor issue)
+ [lenny] - tesseract 2.03-2+lenny1 (bug #612032)
CVE-2011-XXXX [conky tempfile]
- conky 1.8.0-1.1 (low; bug #612033)
[squeeze] - conky <no-dsa> (Minor issue)
- [lenny] - conky <no-dsa> (Minor issue)
+ [lenny] - conky 1.6.0-2+lenny1
CVE-2011-XXXX [aptitude tempfile]
- aptitude 0.6.3-4 (low; bug #612034)
[squeeze] - aptitude <no-dsa> (Minor issue)
- [lenny] - aptitude <no-dsa> (Minor issue)
+ [lenny] - aptitude 0.4.11.11-1~lenny2 (bug #612034)
CVE-2011-0775 (pivotx/modules/module_image.php in PivotX 2.2.2 allows remote
...)
NOT-FOR-US: PivotX
CVE-2011-0774 (PivotX before 2.2.2 allows remote attackers to obtain sensitive
...)
@@ -8615,7 +8615,7 @@
CVE-2011-0740 (Cross-site scripting (XSS) vulnerability in ...)
- magpierss 0.72-10 (low; bug #611940)
[squeeze] - magpierss 0.72-8+squeeze1
- [lenny] - magpierss <no-dsa> (Minor issue)
+ [lenny] - magpierss 0.72-5+lenny1
CVE-2011-0739 (The deliver function in the sendmail delivery agent ...)
NOT-FOR-US: Ruby mail gem
CVE-2011-0738 (MyProxy 5.0 through 5.2, as used in Globus Toolkit 5.0.0 through
...)
@@ -9468,7 +9468,7 @@
- evince 2.32.0-1 (bug #614668)
- vftool 2.0alpha-4.1 (low; bug #614669)
[squeeze] - vftool <no-dsa> (Minor issue)
- [lenny] - vftool <no-dsa> (Minor issue)
+ [lenny] - vftool 2.0alpha-3+lenny1
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=640923
CVE-2011-0432 (Multiple SQL injection vulnerabilities in the get_userinfo
method in ...)
{DSA-2177-1}
Modified: data/next-oldstable-point-update.txt
==================================================================---
data/next-oldstable-point-update.txt 2011-10-01 19:29:28 UTC (rev 17351)
+++ data/next-oldstable-point-update.txt 2011-10-02 08:30:44 UTC (rev 17352)
@@ -1,61 +1,8 @@
-CVE-2011-0433
- [lenny] - vftool 2.0alpha-3+lenny1
CVE-2010-4005
[lenny] - tomboy 0.10.2-1+lenny1
-CVE-2011-0047
- [lenny] - mediawiki 1:1.12.0-2lenny8
CVE-2011-0009
[lenny] - request-tracker3.6 3.6.7-5+lenny5
-CVE-2011-0740
- [lenny] - magpierss 0.72-5+lenny1
-CVE-2011-1930
- [lenny] - klibc 1.5.12-3
-CVE-2011-0862
- [lenny] - sun-java6 6.26-0lenny1
-CVE-2011-0873
- [lenny] - sun-java6 6.26-0lenny1
-CVE-2011-0815
- [lenny] - sun-java6 6.26-0lenny1
-CVE-2011-0817
- [lenny] - sun-java6 6.26-0lenny1
-CVE-2011-0863
- [lenny] - sun-java6 6.26-0lenny1
-CVE-2011-0864
- [lenny] - sun-java6 6.26-0lenny1
-CVE-2011-0802
- [lenny] - sun-java6 6.26-0lenny1
-CVE-2011-0814
- [lenny] - sun-java6 6.26-0lenny1
-CVE-2011-0871
- [lenny] - sun-java6 6.26-0lenny1
-CVE-2011-0786
- [lenny] - sun-java6 6.26-0lenny1
-CVE-2011-0788
- [lenny] - sun-java6 6.26-0lenny1
-CVE-2011-0866
- [lenny] - sun-java6 6.26-0lenny1
-CVE-2011-0868
- [lenny] - sun-java6 6.26-0lenny1
-CVE-2011-0872
- [lenny] - sun-java6 6.26-0lenny1
-CVE-2011-0867
- [lenny] - sun-java6 6.26-0lenny1
-CVE-2011-0869
- [lenny] - sun-java6 6.26-0lenny1
-CVE-2011-0865
- [lenny] - sun-java6 6.26-0lenny1
-CVE-2011-1136
- [lenny] - tesseract 2.03-2+lenny1 (bug #612032)
CVE-2011-XXXX
[lenny] - 1.6.0-2+lenny1
-CVE-2011-1920
- [lenny] - 1.111-1+lenny1
-CVE-2011-XXXX
- [lenny] - aptitude 0.4.11.11-1~lenny2 (bug #612034)
-CVE-2011-XXXX
- [lenny] - atop 1.23-1+lenny1 (bug #622794)
-CVE-2011-1070
- RESERVED
- [lenny] - v86d 0.1.5.2-1+lenny1