Author: gilbert-guest
Date: 2009-12-13 01:52:08 +0000 (Sun, 13 Dec 2009)
New Revision: 13536
Modified:
data/CVE/list
Log:
coreutils, alien-arena, expat, and qutecom issues
Modified: data/CVE/list
==================================================================---
data/CVE/list 2009-12-13 01:32:33 UTC (rev 13535)
+++ data/CVE/list 2009-12-13 01:52:08 UTC (rev 13536)
@@ -355,10 +355,8 @@
RESERVED
CVE-2009-4135 [distcheck insecure temp dirs handling]
RESERVED
- - coreutils <unfixed>
- TODO: check
+ - coreutils <not-affected> (this issue only affects the coreutils build
process; bug #560898)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=545439
- NOTE: does it really look like an issue affecting coreutils at build time?
CVE-2009-4134
RESERVED
CVE-2009-4133
@@ -1692,9 +1690,9 @@
NOTE: fixed in upstream 2.6.32-rc4
- linux-2.6.24 <not-affected> (introduced in 2.6.25)
- kvm <unfixed> (medium)
-CVE-2009-3637 [alien-arena server issue]
+CVE-2009-3637 [alien-arena remote arbitrary code execution]
RESERVED
- - alien-arena <unfixed> (bug #552038)
+ - alien-arena <unfixed> (high; bug #552038)
[lenny] - alien-arena <no-dsa> (Contrib not supported)
CVE-2009-3636 (Cross-site scripting (XSS) vulnerability in the Install Tool
...)
{DSA-1926-1}
@@ -1936,8 +1934,7 @@
CVE-2009-3561 (Directory traversal vulnerability in Xerver HTTP Server 4.32
allows ...)
NOT-FOR-US: Xerver HTTP Server
CVE-2009-3560 (The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat
2.0.1, ...)
- - expat <unfixed>
- TODO: check
+ - expat <unfixed> (low; bug #560901)
CVE-2009-3559 (** DISPUTED ** ...)
- php5 <unfixed> (unimportant)
NOTE: safe_mode regression
@@ -16829,7 +16826,7 @@
- kadu 0.6.0.2-3 (low; bug #504429)
- ekg 1:1.8~rc0-1 (low)
- centerim <unfixed> (low; bug #559782)
- - qutecom <unfixed> (low; bug #559784)
+ - qutecom <not-affected> (does not use libgadu embed; bug #559784)
CVE-2008-4769 (Directory traversal vulnerability in the get_category_template
...)
{DSA-1871-2 DSA-1871-1}
- wordpress 2.5.1-1