Author: derevko-guest Date: 2009-07-29 12:12:07 +0000 (Wed, 29 Jul 2009) New Revision: 12445 Modified: data/CVE/list data/ospu-candidates.txt data/spu-candidates.txt Log: CVE-2009-0801 spu/ospu candidate NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-07-29 11:54:04 UTC (rev 12444) +++ data/CVE/list 2009-07-29 12:12:07 UTC (rev 12445) @@ -1,55 +1,55 @@ CVE-2009-2619 (SQL injection vulnerability in login.asp in DataCheck Solutions ...) - TODO: check + NOT-FOR-US: DataCheck Solutions V-SpacePal CVE-2009-2618 (SQL injection vulnerability in the Surveys (aka NS-Polls) module in ...) - TODO: check + NOT-FOR-US: MDPro module CVE-2009-2617 (Stack-based buffer overflow in medialib.dll in BaoFeng Storm 3.9.62 ...) - TODO: check + NOT-FOR-US: BaoFeng Storm CVE-2009-2616 (SQL injection vulnerability in z_admin_login.asp in DataCheck ...) - TODO: check + NOT-FOR-US: DataCheck Solutions CVE-2009-2615 (Multiple cross-site scripting (XSS) vulnerabilities in DataCheck ...) - TODO: check + NOT-FOR-US: DataCheck Solutions CVE-2009-2614 (SQL injection vulnerability in z_admin_login.asp in DataCheck ...) - TODO: check + NOT-FOR-US: DataCheck Solutions CVE-2009-2613 (Multiple cross-site scripting (XSS) vulnerabilities in DataCheck ...) - TODO: check + NOT-FOR-US: DataCheck Solutions CVE-2009-2612 (SQL injection vulnerability in login.aspx in ProSMDR allows remote ...) - TODO: check + NOT-FOR-US: ProSMDR CVE-2009-2611 (Directory traversal vulnerability in ...) - TODO: check + NOT-FOR-US: MyFusion CVE-2009-2610 (Cross-site scripting (XSS) vulnerability in the Links Related module ...) - TODO: check + NOT-FOR-US: Drupal module CVE-2009-2609 (SQL injection vulnerability in the amoCourse (com_amocourse) component ...) - TODO: check + NOT-FOR-US: Joomla! module CVE-2009-2608 (Multiple SQL injection vulnerabilities in PHP Address Book 4.0.x allow ...) - TODO: check + NOT-FOR-US: PHP Address Book CVE-2009-2607 (SQL injection vulnerability in the com_pinboard component for Joomla! ...) - TODO: check + NOT-FOR-US: Joomla! component CVE-2009-2606 (ASP Football Pool 2.3 stores sensitive information under the web root ...) - TODO: check + NOT-FOR-US: ASP Football Pool CVE-2009-2605 (Multiple SQL injection vulnerabilities in adminquery.php in Traidnt Up ...) - TODO: check + NOT-FOR-US: Traidnt up CVE-2009-2604 (Multiple SQL injection vulnerabilities in adminlogin.asp in Zen Help ...) - TODO: check + NOT-FOR-US: Zen Help Desk CVE-2009-2603 (Multiple SQL injection vulnerabilities in index.php in Escon ...) - TODO: check + NOT-FOR-US: Escon SupportPortal Pro CVE-2009-2602 (R2 Newsletter Lite, Pro, and Stats stores sensitive information under ...) - TODO: check + NOT-FOR-US: R2 Newsletter Store CVE-2009-2601 (SQL injection vulnerability in the Joomlaequipment (aka JUser or ...) - TODO: check + NOT-FOR-US: Joomla! component CVE-2009-2600 (Multiple directory traversal vulnerabilities in view.php in Webboard ...) - TODO: check + NOT-FOR-US: Webboard CVE-2009-2599 (SQL injection vulnerability in index.php in RadCLASSIFIEDS Gold 2.0 ...) - TODO: check + NOT-FOR-US: RadCLASSIFIEDS CVE-2009-2598 (Multiple SQL injection vulnerabilities in Online Grades & Attendance ...) - TODO: check + NOT-FOR-US: Online Grades & Attendance CVE-2009-2597 (The Sun Java System (SJS) Access Manager Policy Agent module 2.2 for ...) - TODO: check + NOT-FOR-US: Sun Java System (SJS) Access Manager Policy Agent module 2.2 for SJS Web Proxy Server CVE-2009-2596 (Unspecified vulnerability in the Solaris Auditing subsystem in Sun ...) - TODO: check + NOT-FOR-US: Solaris Auditing subsystem CVE-2008-6878 (** DISPUTED ** Directory traversal vulnerability in ...) - TODO: check + NOT-FOR-US: Zen Cart CVE-2008-6877 (** DISPUTED ** ...) - TODO: check + NOT-FOR-US: Zen Cart CVE-2009-2622 [squid3 DoS because of missing bounds checks] {DSA-1843-1} - squid3 <unfixed> (medium; bug #538989) Modified: data/ospu-candidates.txt ==================================================================--- data/ospu-candidates.txt 2009-07-29 11:54:04 UTC (rev 12444) +++ data/ospu-candidates.txt 2009-07-29 12:12:07 UTC (rev 12445) @@ -601,6 +601,16 @@ -- +squid (CVE-2009-0801) +#521053 + +-- + +squid3 (CVE-2009-0801) +#521052 + +-- + ssmtp (CVE-2008-3962) #498366 notified maintainer Modified: data/spu-candidates.txt ==================================================================--- data/spu-candidates.txt 2009-07-29 11:54:04 UTC (rev 12444) +++ data/spu-candidates.txt 2009-07-29 12:12:07 UTC (rev 12445) @@ -110,6 +110,16 @@ -- +squid (CVE-2009-0801) +#521053 + +-- + +squid3 (CVE-2009-0801) +#521052 + +-- + stardict (CVE-2009-2260) #534731 notified maintainer