Raphael Geissert
2009-Dec-29 05:50 UTC
[Secure-testing-commits] r13671 - in data: CVE packages
Author: geissert Date: 2009-12-29 05:50:43 +0000 (Tue, 29 Dec 2009) New Revision: 13671 Modified: data/CVE/list data/packages/new-packages Log: Two ITPs, one NEW package, NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-12-28 21:14:20 UTC (rev 13670) +++ data/CVE/list 2009-12-29 05:50:43 UTC (rev 13671) @@ -865,6 +865,7 @@ CVE-2009-4141 RESERVED CVE-2009-4140 (Unrestricted file upload vulnerability in ofc_upload_image.php in Open ...) + - piwik <itp> (bug #506933) TODO: check CVE-2009-4139 RESERVED @@ -886,6 +887,7 @@ CVE-2009-4134 RESERVED CVE-2009-4133 (Condor 6.5.4 through 7.2.4, 7.3.x, and 7.4.0, as used in MRG, Grid for ...) + - condor <itp> (bug #233482) TODO: check CVE-2009-4132 REJECTED @@ -1760,25 +1762,25 @@ NOTE: but the "fixes" linked from the advisory only change code in kdelibs NOTE: more info at oss-sec threads CVE-2009-3800 (Multiple unspecified vulnerabilities in Adobe Flash Player before ...) - TODO: check + NOT-FOR-US: Adobe Flash Player CVE-2009-3799 (Integer overflow in the Verifier::parseExceptionHandlers function in ...) - TODO: check + NOT-FOR-US: Adobe Flash Player CVE-2009-3798 (Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 might ...) - TODO: check + NOT-FOR-US: Adobe Flash Player CVE-2009-3797 (Adobe Flash Player 10.x before 10.0.42.34 and Adobe AIR before 1.5.3 ...) - TODO: check + NOT-FOR-US: Adobe Flash Player CVE-2009-3796 (Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 might ...) - TODO: check + NOT-FOR-US: Adobe Flash Player CVE-2009-3795 RESERVED CVE-2009-3794 (Heap-based buffer overflow in Adobe Flash Player before 10.0.42.34 and ...) - TODO: check + NOT-FOR-US: Adobe Flash Player CVE-2009-3793 RESERVED CVE-2009-3792 (Directory traversal vulnerability in Adobe Flash Media Server (FMS) ...) - TODO: check + NOT-FOR-US: Adobe Flash Media Server CVE-2009-3791 (Unspecified vulnerability in Adobe Flash Media Server (FMS) before ...) - TODO: check + NOT-FOR-US: Adobe Flash Media Server CVE-2009-3790 (Heap-based buffer overflow in FormMax (formerly AcroForm) evaluation ...) NOT-FOR-US: FormMax CVE-2009-3789 (Multiple cross-site scripting (XSS) vulnerabilities in OpenDocMan ...) @@ -4915,17 +4917,17 @@ [lenny] - burn 0.4.3-2.1+lenny1 [etch] - burn <no-dsa> (Minor issue) CVE-2009-2880 (Buffer overflow in atrpui.dll in the Cisco WebEx WRF Player 26.x ...) - TODO: check + NOT-FOR-US: Cisco WebEx WRF Player CVE-2009-2879 (Heap-based buffer overflow in atas32.dll in the Cisco WebEx WRF Player ...) - TODO: check + NOT-FOR-US: Cisco WebEx WRF Player CVE-2009-2878 (Heap-based buffer overflow in atas32.dll in the Cisco WebEx WRF Player ...) - TODO: check + NOT-FOR-US: Cisco WebEx WRF Player CVE-2009-2877 (Stack-based buffer overflow in ataudio.dll in the Cisco WebEx WRF ...) - TODO: check + NOT-FOR-US: Cisco WebEx WRF Player CVE-2009-2876 (Heap-based buffer overflow in atas32.dll in the Cisco WebEx WRF Player ...) - TODO: check + NOT-FOR-US: Cisco WebEx WRF Player CVE-2009-2875 (Buffer overflow in atas32.dll in the Cisco WebEx WRF Player 26.x ...) - TODO: check + NOT-FOR-US: Cisco WebEx WRF Player CVE-2009-2874 (The TimesTenD process in Cisco Unified Presence 1.x, 6.x before ...) NOT-FOR-US: Cisco Unified Presence CVE-2009-2873 (Cisco IOS 12.0 through 12.4, when IP-based tunnels and the Cisco ...) @@ -40801,9 +40803,9 @@ CVE-2007-2282 (Cisco Network Services (CNS) NetFlow Collection Engine (NFC) before ...) NOT-FOR-US: Cisco CVE-2007-2281 (Integer overflow in the _ncp32._NtrpTCPReceiveMsg function in rds.exe ...) - TODO: check + NOT-FOR-US: HP OpenView Storage Data Protector CVE-2007-2280 (Stack-based buffer overflow in OmniInet.exe (aka the backup client ...) - TODO: check + NOT-FOR-US: HP OpenView Storage Data Protector CVE-2007-2279 (The Scheduler Service (VxSchedService.exe) in Symantec Storage ...) NOT-FOR-US: Symantec CVE-2007-2278 (Multiple PHP remote file inclusion vulnerabilities in DCP-Portal 6.1.1 ...) Modified: data/packages/new-packages ==================================================================--- data/packages/new-packages 2009-12-28 21:14:20 UTC (rev 13670) +++ data/packages/new-packages 2009-12-29 05:50:43 UTC (rev 13671) @@ -123,3 +123,4 @@ uanytun xblast-tnt xblast-tnt-sounds +dnsjava