Moritz Muehlenhoff
2009-Aug-15 08:51 UTC
[Secure-testing-commits] r12599 - in data: CVE DSA
Author: jmm-guest
Date: 2009-08-15 08:51:19 +0000 (Sat, 15 Aug 2009)
New Revision: 12599
Modified:
data/CVE/list
data/DSA/list
Log:
- one more icedove issue fixed in DSA
- fix 2.6.24 entry fr smbfs
- clamav no-dsa
Modified: data/CVE/list
==================================================================---
data/CVE/list 2009-08-15 02:05:15 UTC (rev 12598)
+++ data/CVE/list 2009-08-15 08:51:19 UTC (rev 12599)
@@ -2113,7 +2113,7 @@
[lenny] - backuppc 3.1.0-4lenny1
CVE-2009-XXXX [clamav scanner bypass with archives]
- clamav 0.95.2+dfsg-1 (low; bug #535881)
- TODO: request CVE id
+ [lenny] - clamav <no-dsa> (Inherent to the concept of malware concept)
NOTE: http://blog.zoller.lu/2009/05/advisory-clamav-generic-bypass.html
CVE-2009-2073 (Cross-site request forgery (CSRF) vulnerability in Linksys
WRT160N ...)
NOT-FOR-US: Linksys
@@ -23950,7 +23950,8 @@
NOT-FOR-US: xeCMS
CVE-2007-6514 (Apache HTTP Server, when running on Linux with a document root
on a ...)
- linux-2.6 2.6.17-1 (low; bug #529318)
- - linux-2.6.24 <removed>
+ - linux-2.6.24 <not-affected> (Fixed before initial upload, 2.6.17)
+ NOTE: While labeled as an Apache flaw, fix required in smbfs
CVE-2007-XXXX [venkman preinst symlink dos]
- venkman 0.9.87.2-1 (bug #456520)
[lenny] - venkman <not-affected> (Vulnerable code not present)
Modified: data/DSA/list
==================================================================---
data/DSA/list 2009-08-15 02:05:15 UTC (rev 12598)
+++ data/DSA/list 2009-08-15 08:51:19 UTC (rev 12599)
@@ -125,7 +125,7 @@
{CVE-2009-0858}
[lenny] - djbdns 1:1.05-4+lenny1
[12 Jul 2009] DSA-1830-1 icedove - several vulnerabilities
- {CVE-2009-0040 CVE-2009-0352 CVE-2009-0353 CVE-2009-0652 CVE-2009-0771
CVE-2009-0772 CVE-2009-0773 CVE-2009-0774 CVE-2009-0776 CVE-2009-1302
CVE-2009-1303 CVE-2009-1307 CVE-2009-1392 CVE-2009-1832 CVE-2009-1836
CVE-2009-1838 CVE-2009-1841}
+ {CVE-2009-0040 CVE-2009-0352 CVE-2009-0353 CVE-2009-0652 CVE-2009-0771
CVE-2009-0772 CVE-2009-0773 CVE-2009-0774 CVE-2009-0776 CVE-2009-1302
CVE-2009-1303 CVE-2009-1307 CVE-2009-1392 CVE-2009-1832 CVE-2009-1836
CVE-2009-1838 CVE-2009-1841 CVE-2009-2210}
[lenny] - icedove 2.0.0.22-0lenny1
[11 Jul 2009] DSA-1829-1 sork-passwd-h3 - cross-site scripting
{CVE-2009-2360}