Author: geissert Date: 2009-10-27 19:07:10 +0000 (Tue, 27 Oct 2009) New Revision: 13105 Modified: data/CVE/list Log: new asterisk, markdown issues Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-10-27 07:13:16 UTC (rev 13104) +++ data/CVE/list 2009-10-27 19:07:10 UTC (rev 13105) @@ -1,3 +1,12 @@ +CVE-2009-XXXX [python-markdown Script Insertion Vulnerabilities] + - python-markdown <unfixed> + TODO: check + NOTE: http://secunia.com/advisories/37142/ +CVE-2009-XXXX [Unauthorized calls allowed on prohibited networks in asterisk] + [etch] - asterisk <not-affected> + [lenny] - asterisk <not-affected> + - asterisk <unfixed> (medium) + NOTE: http://downloads.asterisk.org/pub/security/AST-2009-007.html CVE-2009-XXXX [NULL dereferences, similar to Adobe''s CVE-2009-0658] - ghostscript <unfixed> - xpdf <unfixed> @@ -341,7 +350,7 @@ - typo3-src 4.2.10-1 (medium; bug #552020) CVE-2009-3627 ["decode_entities()" Denial of Service] RESERVED - - libhtml-parser-perl <unfixed> (bug filed) + - libhtml-parser-perl <unfixed> (bug #552531) NOTE: http://secunia.com/advisories/37155/ CVE-2009-3626 [perl utf8 DoS] RESERVED @@ -565,7 +574,7 @@ CVE-2009-3547 RESERVED CVE-2009-3546 (The _gdGetColors function in gd_gd.c in PHP 5.2.11 and 5.3.0, and the ...) - - libgd2 <unfixed> (medium; bug filed) + - libgd2 <unfixed> (medium; bug #552534) - php5 <not-affected> (the php packages use the system libgd2) NOTE: http://svn.php.net/viewvc?view=revision&revision=289557 NOTE: <20091015173822.084de220 at redhat.com> in OSS-sec