Giuseppe Iuculano
2009-Sep-11 18:24 UTC
[Secure-testing-commits] r12790 - in data: CVE packages
Author: derevko-guest
Date: 2009-09-11 18:24:14 +0000 (Fri, 11 Sep 2009)
New Revision: 12790
Modified:
data/CVE/list
data/packages/removed-packages
Log:
- zope3 removed
- CVE-2009-2702: KDE KSSL NULL Character Certificate Spoofing Vulnerability
Modified: data/CVE/list
==================================================================---
data/CVE/list 2009-09-11 16:52:11 UTC (rev 12789)
+++ data/CVE/list 2009-09-11 18:24:14 UTC (rev 12790)
@@ -1705,7 +1705,9 @@
- gaim <removed>
NOTE: this is only a null ptr dereference and can only be triggered by a rogue
irc server
CVE-2009-2702 (KDE KSSL in kdelibs 3.5.4, 4.2.4, and 4.3 does not properly
handle a ...)
- TODO: check
+ - kdelibs <unfixed> (low; bug #546212)
+ - kde4libs <unfixed> (low; bug #546218)
+ NOTE: kde4libs no-dsa candidate, probably affected code is no longer used
CVE-2009-2701 (Unspecified vulnerability in the Zope Enterprise Objects (ZEO)
...)
TODO: check
CVE-2009-2700 (src/network/ssl/qsslcertificate.cpp in Nokia Trolltech Qt 4.x
does not ...)
@@ -8244,14 +8246,14 @@
RESERVED
CVE-2009-0669 (Zope Object Database (ZODB) before 3.8.2, when certain Zope
Enterprise ...)
{DSA-1863-1}
- - zope3 <unfixed> (bug #540462)
+ - zope3 <removed> (bug #540462)
- zope2.11 2.11.4-1 (bug #540463)
- zope2.10 2.10.9-1 (bug #540464)
- zope2.9 <removed>
- zodb 1:3.8.2-1 (bug #540465)
CVE-2009-0668 (Unspecified vulnerability in Zope Object Database (ZODB) before
3.8.2, ...)
{DSA-1863-1}
- - zope3 <unfixed> (medium; bug #540462)
+ - zope3 <removed> (medium; bug #540462)
- zope2.11 2.11.4-1 (medium; bug #540463)
- zope2.10 2.10.9-1 (medium; bug #540464)
- zope2.9 <removed>
Modified: data/packages/removed-packages
==================================================================---
data/packages/removed-packages 2009-09-11 16:52:11 UTC (rev 12789)
+++ data/packages/removed-packages 2009-09-11 18:24:14 UTC (rev 12790)
@@ -218,3 +218,4 @@
verlihub
gpdf
usermin
+zope3