Moritz Muehlenhoff
2009-Jun-18 20:45 UTC
[Secure-testing-commits] r12155 - in data: CVE DSA
Author: jmm-guest
Date: 2009-06-18 20:45:26 +0000 (Thu, 18 Jun 2009)
New Revision: 12155
Modified:
data/CVE/list
data/DSA/list
Log:
- add dkim CVE ID to DSA entry
- adtool non-issue
- bugnums
Modified: data/CVE/list
==================================================================---
data/CVE/list 2009-06-18 16:18:44 UTC (rev 12154)
+++ data/CVE/list 2009-06-18 20:45:26 UTC (rev 12155)
@@ -112,7 +112,9 @@
[lenny] - kfreebsd-7 <no-dsa> (KFreebsd not supported)
NOTE: http://security.freebsd.org/advisories/FreeBSD-SA-09:09.pipe.asc
CVE-2009-XXXX [adtool leaks password in environment]
- - adtool 1.3.2-1 (low)
+ - adtool 1.3.2-1 (unimportant)
+ NOTE: adtool has safe means to specify the password, so this boils
+ NOTE: down to potential insecure usage
CVE-2009-2027 (The Installer in Apple Safari before 4.0 on Windows allows local
users ...)
NOT-FOR-US: Apple Safari
CVE-2009-2026
@@ -642,7 +644,7 @@
CVE-2009-1809 (Multiple cross-site scripting (XSS) vulnerabilities in myColex
1.4.2 ...)
NOT-FOR-US: myColex
CVE-2009-1829 (Unspecified vulnerability in the PCNFSD dissector in Wireshark
0.8.20 ...)
- - wireshark <unfixed> (low)
+ - wireshark <unfixed> (low; bug #533347)
CVE-2009-1808 (Microsoft Windows XP SP3 allows local users to cause a denial of
...)
NOT-FOR-US: Microsoft
CVE-2009-1807 (Unspecified vulnerability in Config.dll in Baofeng products
3.09.04.17 ...)
@@ -4441,7 +4443,6 @@
- dkim-milter 2.6.0.dfsg-2 (low)
[lenny] - dkim-milter 2.6.0.dfsg-1+lenny1
NOTE:
http://sourceforge.net/tracker/index.php?func=detail&aid=2508602&group_id=139420&atid=744358
- NOTE: CVE id requested
CVE-2009-0749 (Use-after-free vulnerability in the GIFReadNextExtension
function in ...)
- optipng 0.6.2.1-1 (low)
[etch] - optipng 0.5.5-2
@@ -5923,7 +5924,6 @@
- squid 2.7.STABLE3-4.1 (medium; bug #514142)
- squid3 3.0.STABLE8-3 (medium)
[etch] - squid <not-affected> (Vulnerable code not present)
- NOTE: http://www.squid-cache.org/Advisories/SQUID-2009_1.txt
CVE-2009-XXXX [glpi sql injection]
- glpi 0.71.5-1 (bug #513611)
CVE-2009-0490 (Stack-based buffer overflow in the
String_parse::get_nonspace_quoted ...)
Modified: data/DSA/list
==================================================================---
data/DSA/list 2009-06-18 16:18:44 UTC (rev 12154)
+++ data/DSA/list 2009-06-18 20:45:26 UTC (rev 12155)
@@ -354,6 +354,7 @@
{CVE-2009-0386 CVE-2009-0387 CVE-2009-0397}
[etch] - gst-plugins-bad0.10 0.10.3-3.1+etch1
[27 Feb 2009] DSA-1728-1 dkim-milter - denial of service
+ {CVE-2009-0770}
[lenny] - dkim-milter 2.6.0.dfsg-1+lenny1
[26 Feb 2009] DSA-1727-1 - SQL injection vulnerabilites
{CVE-2009-0542 CVE-2009-0543}