Author: gilbert-guest Date: 2009-07-12 22:24:31 +0000 (Sun, 12 Jul 2009) New Revision: 12328 Modified: data/CVE/list Log: tracking new issues Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-07-12 21:43:43 UTC (rev 12327) +++ data/CVE/list 2009-07-12 22:24:31 UTC (rev 12328) @@ -1,3 +1,8 @@ +CVE-2009-XXXX [mysql: post-authentication format string vulnerability] + - mysql-dfsg-5.0 <unfixed> (low; bug #536726) + TODO: check lenny/sid; they are likely fixed according to the report, but i did not check +CVE-2009-XXXX [libio-socket-ssl-perl: partial hostname matching vulnerability] + - libio-socket-ssl-perl 1.26-1 (medium; bug #535946) CVE-2009-2421 (The CFCharacterSetInitInlineBuffer method in CoreFoundation.dll in ...) NOT-FOR-US: Apple Safari CVE-2009-2420 (Apple Safari 3.2.3 does not properly implement the file: protocol ...) @@ -173,12 +178,18 @@ NOT-FOR-US: phpGreetCards CVE-2008-6848 (Cross-site scripting (XSS) vulnerability in index.php in phpGreetCards ...) NOT-FOR-US: phpGreetCards -CVE-2009-2336 +CVE-2009-2336 [wordpress: CORE-2009-0515 multiple issues] RESERVED -CVE-2009-2335 + - wordpress <unfixed> (low; bug #536724) + NOTE: fixed in upstream 2.8.1, which is not yet in unstable +CVE-2009-2335 [wordpress: CORE-2009-0515 multiple issues] RESERVED -CVE-2009-2334 + - wordpress <unfixed> (low; bug #536724) + NOTE: fixed in upstream 2.8.1, which is not yet in unstable +CVE-2009-2334 [wordpress: CORE-2009-0515 multiple issues] RESERVED + - wordpress <unfixed> (low; bug #536724) + NOTE: fixed in upstream 2.8.1, which is not yet in unstable CVE-2009-2333 (Multiple directory traversal vulnerabilities in CMS Chainuk 1.2 and ...) NOT-FOR-US: CMS Chainuk CVE-2009-2332 (CMS Chainuk 1.2 and earlier allows remote attackers to obtain ...)