Author: gilbert-guest Date: 2009-11-24 03:50:06 +0000 (Tue, 24 Nov 2009) New Revision: 13358 Modified: data/CVE/list data/embedded-code-copies Log: - bugs submitted for kvm issues - kernel triage - prototypejs updates - bugs submitted for libjs-yui issue Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-11-24 00:52:56 UTC (rev 13357) +++ data/CVE/list 2009-11-24 03:50:06 UTC (rev 13358) @@ -85,9 +85,8 @@ CVE-2009-4006 (Stack-based buffer overflow in the TEA decoding algorithm in RhinoSoft ...) NOT-FOR-US: Serv-U FTP server CVE-2009-4005 (The collect_rx_frame function in drivers/isdn/hisax/hfc_usb.c in the ...) - - linux-2.6 <unfixed> - - linux-2.6.24 <removed> - TODO: check + - linux-2.6 <unfixed> (low) + - linux-2.6.24 <removed> (low) CVE-2009-4003 RESERVED CVE-2009-4002 @@ -183,10 +182,9 @@ - php4 <unfixed> (medium) NOTE: workarounds include using 5.3.1 or php5-suhosin NOTE: 4B068517.802 at acunetix.com on bugtraq explains it -CVE-2009-XXXX [array indexing error in gdth_read_event() in drivers/scsi/gdth.c] - - linux-2.6 <unfixed> - - linux-2.6.24 <removed> - TODO: check +CVE-2009-3080 [array indexing error in gdth_read_event() in drivers/scsi/gdth.c] + - linux-2.6 <unfixed> (medium) + - linux-2.6.24 <removed> (medium) NOTE: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=690e744869f3262855b83b4fb59199cf142765b0 CVE-2009-XXXX [command injection in the Mail pear module] - php-mail 1.1.14-2 (medium; bug #557121) @@ -249,11 +247,10 @@ - linux-2.6 <unfixed> (low) - linux-2.6.24 <removed> (low) CVE-2009-4004 (Buffer overflow in the kvm_vcpu_ioctl_x86_setup_mce function in ...) - - linux-2.6 <unfixed> + - linux-2.6 <unfixed> (medium) [etch] - linux-2.6 <not-affected> (kvm introduced in 2.6.25) - linux-2.6.24 <not-affected> (kvm introduced in 2.6.25) - - kvm <unfixed> - TODO: check + - kvm <unfixed> (medium; bug #557736) NOTE: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=a9e38c3e01ad242fe2a625354cf065c34b01e3aa CVE-2009-3937 (Memory leak in Solaris TCP sockets in Sun OpenSolaris snv_106 through ...) NOT-FOR-US: Sun OpenSolaris @@ -741,8 +738,7 @@ [etch] - linux-2.6 <not-affected> (issue introduced in 2.6.30-rc1) [lenny] - linux-2.6 <not-affected> (issue introduced in 2.6.30-rc1) - linux-2.6 2.6.31-1 (low) - - kvm <unfixed> (low) - TODO: check kvm + - kvm <unfixed> (low; bug #557739) NOTE: http://bugzilla.redhat.com/531660 NOTE: http://git.kernel.org/linus/0a79b009525b160081d75cef5dbf45817956acf2 CVE-2009-3721 @@ -964,7 +960,7 @@ [lenny] - linux-2.6 <not-affected> (introduced post 2.6.27) [etch] - linux-2.6 <not-affected> (introduced post 2.6.27) - linux-2.6.24 <not-affected> (introduced post 2.6.27) - - kvm <unfixed> + - kvm <unfixed> (medium; bug #557737) [lenny] - kvm <not-affected> (Vulnerable code not present) CVE-2009-3639 (The mod_tls module in ProFTPD before 1.3.2b, and 1.3.3 before ...) {DSA-1925-1} @@ -1228,8 +1224,9 @@ CVE-2009-3554 RESERVED CVE-2009-3553 (Use-after-free vulnerability in the abstract file-descriptor handling ...) - - cups <unfixed> - TODO: check + - cups <unfixed> (low; bug #557740) + [lenny] - cups <no-dsa> (minor issue) + - cupsys <not-affected> (vulnerable code introduced in 1.3.x) NOTE: http://www.cups.org/newsgroups.php/s1+gcups.bugs?s1+gcups.bugs+v4+T+Q3200 CVE-2009-3552 RESERVED @@ -2216,7 +2213,7 @@ - libjson-ruby 1.1.4-1 (low; bug #555223) [lenny] - libjson-ruby <no-dsa> (minor issue) TODO: next point release [lenny] - libjson-ruby 1.1.2-1+lenny1 - - lucene2 <unfixed> (low; bug #555225) + - lucene2 2.9.1+ds1-2 (low; bug #555225) [etch] - lucene2 <not-affected> (prototype.js not present) [lenny] - lucene2 <no-dsa> (minor issue) - glpi 0.72.3-1 (low; bug #555228) @@ -2235,15 +2232,13 @@ [lenny] - ebug-http <no-dsa> (Minor issue) - poker-network <unfixed> (low; bug #555237) [etch] - poker-network <no-dsa> (minor issue) - - webhelpers <unfixed> (low; bug #555239) - [etch] - webhelpers <not-affected> (prototype.js not present) - [lenny] - webhelpers <no-dsa> (minor issue) + - webhelpers 0.3.4-2 (low; bug #555239) - qwik <unfixed> (low; bug #555240) [etch] - qwik <no-dsa> (minor issue) [lenny] - qwik <no-dsa> (minor issue) - wordpress 2.5.0-2 (low; bug #555242) [etch] - wordpress <not-affected> (prototype.js not present) - - exaile <unfixed> (low; bug #555244) + - exaile 0.2.14+debian-2.1 (low; bug #555244) [lenny] - exaile <no-dsa> (minor issue) - hobix 0.5~svn20070319-4 (low; bug #555246) [lenny] - hobix <no-dsa> (minor issue) @@ -2618,8 +2613,6 @@ NOT-FOR-US: Snow Hall Silurus System CVE-2009-3081 (SQL injection vulnerability in index.php in Uiga Church Portal allows ...) NOT-FOR-US: Uiga Church Portal -CVE-2009-3080 (Array index error in the gdth_read_event function in ...) - TODO: check CVE-2009-3079 (Unspecified vulnerability in Mozilla Firefox before 3.0.14, and 3.5.x ...) {DSA-1886-1} - iceweasel 3.0.14-1 @@ -5418,6 +5411,7 @@ {DSA-1846-1 DSA-1845-1} - linux-2.6 2.6.30-2 (low) - linux-2.6.24 <removed> + - kvm <unfixed> (low; bug #557737) CVE-2009-2285 (Buffer underflow in the LZWDecodeCompat function in libtiff 3.8.2 ...) {DSA-1835-1} - tiff 3.8.2-12 (low; bug #534137) @@ -38910,7 +38904,16 @@ CVE-2007-2386 (Buffer overflow in mDNSResponder in Apple Mac OS X 10.4 up to 10.4.9 ...) NOT-FOR-US: Apple mDNSResponder CVE-2007-2385 (The Yahoo! UI framework exchanges data using JavaScript Object ...) - TODO: check yui + - yui <unfixed> (low; bug #557745) + [lenny] - yui <no-dsa> (minor issue) + - bcfg2 <not-affected> (present in source but not included in any binary files) + - serendipity <unfixed> (low; bug #557746) + [etch] - serendipity <no-dsa> (minor issue) + [lenny] - serendipity <no-dsa> (minor issue) + - moodle <not-affected> (uses system libjs-yui) + - jifty <unfixed> (low; bug #557748) + - webgui <not-affected> (uses system libjs-yui) + - loggerhead <not-affected> (uses system libjs-yui) NOTE: see http://www.fortifysoftware.com/servlet/downloads/public/JavaScript_Hijacking.pdf NOTE: This allows to steal data from affected websites. Therefore web applications should NOTE: only be considered vunerabile if they process confidential data. @@ -38931,7 +38934,7 @@ [etch] - libaws <no-dsa> (minor issue) [lenny] - libaws <no-dsa> (minor issue) - libjson-ruby <not-affected> (has prototype.js >= 1.5.1) - - lucene2 <unfixed> (low; bug #555225) + - lucene2 2.9.1+ds1-2 (low; bug #555225) [etch] - lucene2 <not-affected> (prototype.js not present) [lenny] - lucene2 <no-dsa> (minor issue) - glpi 0.72.3-1 (low; bug #555228) Modified: data/embedded-code-copies ==================================================================--- data/embedded-code-copies 2009-11-24 00:52:56 UTC (rev 13357) +++ data/embedded-code-copies 2009-11-24 03:50:06 UTC (rev 13358) @@ -652,7 +652,7 @@ - webcit <unfixed> (embed; bug #555219) - asterisk 1:1.6.2.0~rc3-1 (embed) - libjson-ruby 1.1.4-1 (embed; bug #555224) - - lucene2 <unfixed> (embed; bug #555226) + - lucene2 2.9.1+ds1-2 (embed; bug #555226) - horde3 <unfixed> (embed) - knowledgeroot <unfixed> (embed; bug #555230) - mediatomb <unfixed> (embed; bug #555233) @@ -665,7 +665,7 @@ - zope <not-affected> (the prototypejs embed is not in any of the obvious zope packages, e.g. zope2.9, zope2.10, zope2.11, and zope3) TODO: search through all of the other zope packages - ampache 3.4.1-2 (embed) - - exaile <unfixed> (embed; bug #555245) + - exaile 0.2.14+debian-2.1 (embed; bug #555245) - hobix 0.5~svn20070319-4 (embed; bug #555247) - zabbix 1.6.6-4 (embed; bug #555250) - chora2 <unfixed> (embed; bug #555253) @@ -1355,3 +1355,14 @@ python-dateutil - awn-extras-applets <unfixed> (embed) - matplotlib <unknown> (embed) + +cups + - cupsys <removed> (old-version) + +yui + - bcfg2 <not-affected> (present in source but not included in any binary files) + - serendipity <unfixed> (embed; bug #557746) + - moodle 1.8.2.dfsg-5 (embed) + - jifty <unfixed> (embed; bug #557748) + - webgui 7.7.26-1 (embed) + - loggerhead 1.17-1 (embed)