thr3ads.net - Secure testing commits - [Secure-testing-commits] r17626

If this information is useful, please help other people find it:
Share via:

Joey Hess

2011-Nov-16 21:14 UTC

[Secure-testing-commits] r17626 - data/CVE

Author: joeyh
Date: 2011-11-16 21:14:23 +0000 (Wed, 16 Nov 2011)
New Revision: 17626

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
==================================================================---
data/CVE/list	2011-11-16 21:08:18 UTC (rev 17625)
+++ data/CVE/list	2011-11-16 21:14:23 UTC (rev 17626)
@@ -1,3 +1,21 @@
+CVE-2011-4455
+	RESERVED
+CVE-2011-4454
+	RESERVED
+CVE-2011-4453
+	RESERVED
+CVE-2011-4452
+	RESERVED
+CVE-2011-4451
+	RESERVED
+CVE-2011-4450
+	RESERVED
+CVE-2011-4449
+	RESERVED
+CVE-2011-4448
+	RESERVED
+CVE-2008-7303 (The nonet and nointernet sandbox profiles in Apple Mac OS X
10.5.x do ...)
+	TODO: check
 CVE-2011-4447
 	RESERVED
 CVE-2011-4446
@@ -308,6 +326,7 @@
 	RESERVED
 CVE-2011-4313 [BIND INSIST crash in query.c]
 	RESERVED
+	{DSA-2347-1}
 	- bind9 <unfixed> (high)
 	NOTE: http://www.isc.org/software/bind/advisories/cve-2011-4313
 CVE-2011-4312
@@ -4858,6 +4877,7 @@
 	[squeeze] - mahara <not-affected> (Vulnerable code not present)
 	[lenny] - mahara <not-affected> (Vulnerable code not present)
 CVE-2011-4118 (Mahara before 1.4.1, when MNet (aka the Moodle network feature)
is ...)
+	{DSA-2334-1}
 	- mahara 1.4.1-1
 	NOTE: http://mahara.org/interaction/forum/topic.php?id=4138
 CVE-2011-2773 (Cross-site request forgery (CSRF) vulnerability in Mahara before
1.4.1 ...)
@@ -8322,8 +8342,8 @@
 	NOTE: maintainer claims you shouldn''t grant access to the SOAP daemon
to a user you do not trust.
 CVE-2011-1517
 	RESERVED
-CVE-2011-1516
-	RESERVED
+CVE-2011-1516 (The kSBXProfileNoNetwork and kSBXProfileNoInternet sandbox
profiles in ...)
+	TODO: check
 CVE-2011-1515 (The inet service in HP OpenView Storage Data Protector 6.00
through ...)
 	NOT-FOR-US: HP OpenView
 CVE-2011-1514 (The inet service in HP OpenView Storage Data Protector 6.00
through ...)
@@ -47919,7 +47939,7 @@
 	NOT-FOR-US: Notepad++
 CVE-2008-3435 (LinkedIn Browser Toolbar 3.0.3.1100 and earlier does not
properly ...)
 	NOT-FOR-US: LinkedIn
-CVE-2008-3434 (Apple iTunes before 6.0.5.20 does not properly verify the
authenticity ...)
+CVE-2008-3434 (Apple iTunes before 10.5.1 does not properly verify the
authenticity ...)
 	NOT-FOR-US: Apple iTunes
 CVE-2008-3433 (SpeedBit Download Accelerator Plus (DAP) before 8.6.3.9 does not
...)
 	NOT-FOR-US: SpeedBit Download Accelerator Plus

Secure testing commits - Nov 2011 - r17626 - data/CVE

[Secure-testing-commits] r17626 - data/CVE