Author: jmm-guest Date: 2009-07-15 21:27:01 +0000 (Wed, 15 Jul 2009) New Revision: 12352 Modified: data/CVE/list data/spu-candidates.txt Log: mark wordpress info leaks as unimportant Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-07-15 21:14:36 UTC (rev 12351) +++ data/CVE/list 2009-07-15 21:27:01 UTC (rev 12352) @@ -85,9 +85,11 @@ CVE-2009-2433 (Stack-based buffer overflow in the AddFavorite method in Microsoft ...) NOT-FOR-US: Microsoft Internet Explorer CVE-2009-2432 (WordPress and WordPress MU before 2.8.1 allow remote attackers to ...) - - wordpress <unfixed> (low; bug #537146) + - wordpress <unfixed> (unimportant; bug #537146) + NOTE: Installation path is a known fact on a Debian package installation CVE-2009-2431 (WordPress 2.7.1 places the username of a post''s author in an HTML ...) - - wordpress <unfixed> (low; bug #537146) + - wordpress <unfixed> (unimportant; bug #537146) + NOTE: Minor information leak CVE-2009-2430 (Unspecified vulnerability in auditconfig in Sun Solaris 8, 9, 10, and ...) NOT-FOR-US: Sun Solaris CVE-2009-2429 (SmartFilter Web Gateway Security 4.2.1.00 stores user credentials in ...) @@ -430,8 +432,6 @@ CVE-2009-2287 (The kvm_arch_vcpu_ioctl_set_sregs function in the KVM in Linux kernel ...) - linux-2.6 2.6.30-2 (low) - linux-2.6.24 <removed> - NOTE: upstream 2.6.30 does not contain the patch for this issue - TODO: check 2.6.31 when it is released CVE-2009-2285 (Buffer underflow in the LZWDecodeCompat function in libtiff 3.8.2 ...) {DSA-1835-1} - tiff 3.8.2-12 (low; bug #534137) Modified: data/spu-candidates.txt ==================================================================--- data/spu-candidates.txt 2009-07-15 21:14:36 UTC (rev 12351) +++ data/spu-candidates.txt 2009-07-15 21:27:01 UTC (rev 12352) @@ -93,6 +93,10 @@ -- +memcached (CVE-2009-1255) +bug #527330) + + mimedecode potential dos/crash due to invalid input #530430