Author: jmm Date: 2012-01-04 17:21:59 +0000 (Wed, 04 Jan 2012) New Revision: 18022 Modified: data/CVE/list Log: - pidgin fixed - pgppgadmin no-dsa Modified: data/CVE/list ==================================================================--- data/CVE/list 2012-01-04 15:29:45 UTC (rev 18021) +++ data/CVE/list 2012-01-04 17:21:59 UTC (rev 18022) @@ -1608,11 +1608,11 @@ [squeeze] - linux-2.6 <not-affected> (Vulnerable code not present) [lenny] - linux-2.6 <not-affected> (Vulnerable code not present) CVE-2011-4603 (The silc_channel_message function in ops.c in the SILC protocol plugin ...) - - pidgin <unfixed> (low) + - pidgin 2.10.1-1 (low) CVE-2011-4602 (The XMPP protocol plugin in libpurple in Pidgin before 2.10.1 does not ...) - - pidgin <unfixed> (low) + - pidgin 2.10.1-1 (low) CVE-2011-4601 (family_feedbag.c in the oscar protocol plugin in libpurple in Pidgin ...) - - pidgin <unfixed> (low) + - pidgin 2.10.1-1 (low) CVE-2011-4600 RESERVED CVE-2011-4599 @@ -4666,7 +4666,8 @@ - libcrypt-dsa-perl 1.17-3 (unimportant; bug #644189) NOTE: All supported Debian kernels have /dev/random, so severity unimportant CVE-2011-3598 (Multiple cross-site scripting (XSS) vulnerabilities in phpPgAdmin ...) - - phppgadmin 5.0.3-1 (bug #644290) + - phppgadmin 5.0.3-1 (low; bug #644290) + [squeeze] - phppgadmin <no-dsa> (Minor issue) NOTE: https://secunia.com/advisories/46248/ CVE-2011-3597 [unsafe use of eval] RESERVED @@ -4685,7 +4686,7 @@ RESERVED - joomla <itp> (bug #571794) CVE-2011-3594 (The g_markup_escape_text function in the SILC protocol plug-in in ...) - - pidgin <unfixed> (unimportant) + - pidgin 2.10.1-1 (unimportant) NOTE: http://developer.pidgin.im/ticket/14636 NOTE: relatively obscure client crash CVE-2011-3593