Author: joeyh
Date: 2009-12-19 21:14:16 +0000 (Sat, 19 Dec 2009)
New Revision: 13605
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
==================================================================---
data/CVE/list 2009-12-19 20:30:41 UTC (rev 13604)
+++ data/CVE/list 2009-12-19 21:14:16 UTC (rev 13605)
@@ -356,6 +356,7 @@
NOTE: cve requested
CVE-2009-4261 [ganeti command execution]
RESERVED
+ {DSA-1959-1}
- ganeti 2.0.5-1 (low)
NOTE: http://www.ocert.org/advisories/ocert-2009-019.html
CVE-2009-4260
@@ -409,6 +410,7 @@
CVE-2009-4236 (The process function in ...)
NOT-FOR-US: EC-CUBE
CVE-2009-4235 (acpid 1.0.4 sets an unrestrictive umask, which might allow local
users ...)
+ {DSA-1960-1}
- acpid 1.0.6 (low; bug #560771)
NOTE: all versions set umask(0), might be worth double-checking what it opens
CVE-2009-4234 (Cross-site scripting (XSS) vulnerability in ...)
@@ -1711,7 +1713,7 @@
[lenny] - openmpi <no-dsa> (Minor issue)
[etch] - openmpi <no-dsa> (Minor issue)
- parser <unfixed> (unimportant; bug #559837)
- NOTE: users with write access can modify configuration to load new
extensions, see #559837
+ NOTE: users with write access can modify configuration to load new extensions,
see #559837
- pdsh <not-affected> (Only loads from /usr/lib/pdsh, which is
controlled by root)
- sbnc <not-affected> (All released/unstable versions use the system
copy of libtool)
- sdcc <unfixed> (low; bug #559840)