Secure testing commits - Aug 2009 - r12711 - in data: . CVE

Author: jmm-guest
Date: 2009-08-30 21:03:42 +0000 (Sun, 30 Aug 2009)
New Revision: 12711

Modified:
   data/CVE/list
   data/ospu-candidates.txt
   data/spu-candidates.txt
Log:
- ntop indeed no-dsa
- new ikiwiki issue
- new serveez issue (no-dsa candidate)


Modified: data/CVE/list
==================================================================---
data/CVE/list	2009-08-30 18:28:44 UTC (rev 12710)
+++ data/CVE/list	2009-08-30 21:03:42 UTC (rev 12711)
@@ -1,5 +1,7 @@
 CVE-2009-2999
 	RESERVED
+CVE-2009-XXXX [serveez: buffer overflow in header parser]
+	- serveez <removed> 
 CVE-2009-2998
 	RESERVED
 CVE-2009-2997
@@ -216,8 +218,9 @@
 	RESERVED
 CVE-2009-2945
 	RESERVED
-CVE-2009-2944
+CVE-2009-2944 [ikiwiki: insufficient blacklist in teximg module]
 	RESERVED
+	- ikiwiki 3.1415926
 CVE-2009-2943
 	RESERVED
 CVE-2009-2942
@@ -950,7 +953,8 @@
 	RESERVED
 CVE-2009-2732 (The checkHTTPpassword function in http.c in ntop 3.3.10 and
earlier ...)
 	- ntop <unfixed> (low; bug #543312)
-	NOTE: no-dsa candidate
+	[lenny] - ntop <no-dsa> (Minor issue)
+	[etch] - ntop <no-dsa> (Minor issue)
 CVE-2009-2731
 	RESERVED
 CVE-2009-2730 (libgnutls in GnuTLS before 2.8.2 does not properly handle a
''\0'' ...)

Modified: data/ospu-candidates.txt
==================================================================---
data/ospu-candidates.txt	2009-08-30 18:28:44 UTC (rev 12710)
+++ data/ospu-candidates.txt	2009-08-30 21:03:42 UTC (rev 12711)
@@ -489,6 +489,11 @@
 
 --
 
+ntop (CVE-2009-2732)
+#543312
+
+--
+
 nvi
 #496462
 notified maintainer

Modified: data/spu-candidates.txt
==================================================================---
data/spu-candidates.txt	2009-08-30 18:28:44 UTC (rev 12710)
+++ data/spu-candidates.txt	2009-08-30 21:03:42 UTC (rev 12711)
@@ -134,6 +134,11 @@
 
 --
 
+ntop (CVE-2009-2732)
+#543312
+
+--
+
 squid (CVE-2009-0801)
 #521053