Secure testing commits - Oct 2011 - r17451 - data/CVE

Author: joeyh
Date: 2011-10-18 21:14:21 +0000 (Tue, 18 Oct 2011)
New Revision: 17451

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
==================================================================---
data/CVE/list	2011-10-18 18:27:57 UTC (rev 17450)
+++ data/CVE/list	2011-10-18 21:14:21 UTC (rev 17451)
@@ -19,12 +19,12 @@
 	RESERVED
 CVE-2011-4063
 	RESERVED
-CVE-2011-4062
-	RESERVED
-CVE-2011-4061
-	RESERVED
-CVE-2011-4060
-	RESERVED
+CVE-2011-4062 (Buffer overflow in the "linux emulation"
support in FreeBSD 7.3 and ...)
+	TODO: check
+CVE-2011-4061 (Multiple untrusted search path vulnerabilities in (1) db2rspgn
and (2) ...)
+	TODO: check
+CVE-2011-4060 (The runtime linker in QNX Neutrino RTOS 6.5.0 does not properly
clear ...)
+	TODO: check
 CVE-2011-4059
 	RESERVED
 CVE-2011-4058
@@ -1019,7 +1019,7 @@
 	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3721 (concrete 5.4.0.5, 5.4.1, and 5.4.1.1 allows remote attackers to
obtain ...)
 	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3720 (conceptcms 5.3.1 allows remote attackers to obtain sensitive
...)
+CVE-2011-3720 (conceptcms 5.3.1, 5.3.3, and possibly other versions allows
remote ...)
 	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3719 (CodeIgniter 1.7.2 allows remote attackers to obtain sensitive
...)
 	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
@@ -1276,10 +1276,12 @@
 	RESERVED
 CVE-2011-3605
 	RESERVED
+	{DSA-2323-1}
 	- radvd 1:1.8-1.1 (bug #644614)
 	NOTE: http://seclists.org/oss-sec/2011/q4/30
 CVE-2011-3604
 	RESERVED
+	{DSA-2323-1}
 	- radvd 1:1.8-1.1 (bug #644614)
 	NOTE: http://seclists.org/oss-sec/2011/q4/30
 CVE-2011-3603
@@ -1289,10 +1291,12 @@
 	NOTE: should be rejected (http://seclists.org/oss-sec/2011/q4/72)
 CVE-2011-3602
 	RESERVED
+	{DSA-2323-1}
 	- radvd 1:1.8-1.1 (bug #644614)
 	NOTE: http://seclists.org/oss-sec/2011/q4/30
 CVE-2011-3601
 	RESERVED
+	{DSA-2323-1}
 	- radvd 1:1.8-1.2 (bug #644614)
 	[squeeze] - radvd <not-affected> (No support for
ND_OPT_DNSSL_INFORMATION)
 	[lenny] - radvd <not-affected> (No support for ND_OPT_DNSSL_INFORMATION)