Author: jmm-guest Date: 2010-01-13 20:59:26 +0000 (Wed, 13 Jan 2010) New Revision: 13804 Modified: data/CVE/list Log: - centerim fixed - drupal fixed - snort fixed - NFUs for the recent Adobe update Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-01-13 20:58:39 UTC (rev 13803) +++ data/CVE/list 2010-01-13 20:59:26 UTC (rev 13804) @@ -953,15 +953,17 @@ CVE-2009-4372 (AlienVault Open Source Security Information Management (OSSIM) 2.1.5, ...) NOT-FOR-US: AlienVault Open Source Security Information Management CVE-2009-4371 (Cross-site scripting (XSS) vulnerability in the Locale module ...) - - drupal6 <unfixed> (low; bug #562165) + - drupal6 6.15-1 (low; bug #562165) [lenny] - drupal6 <no-dsa> (Minor issue, requires auth) + - drupal5 5.21-1 CVE-2009-4370 (Cross-site scripting (XSS) vulnerability in the Menu module ...) - - drupal6 <unfixed> (low; bug #562165) + - drupal6 6.15-1 (low; bug #562165) [lenny] - drupal6 <no-dsa> (Minor issue, requires auth) + - drupal5 5.21-1 CVE-2009-4369 (Cross-site scripting (XSS) vulnerability in the Contact module ...) - - drupal6 <unfixed> (low; bug #562165) + - drupal6 6.15-1 (low; bug #562165) [lenny] - drupal6 <no-dsa> (Minor issue, requires auth) - - drupal5 <unfixed> (low) + - drupal5 5.21-1 (low) CVE-2009-4368 (Multiple unspecified vulnerabilities in Centreon before 2.1.4 have ...) NOT-FOR-US: Centreon CVE-2009-4367 (The Staging Webservice ("sitecore modules/staging/service/api.asmx") ...) 
@@ -2168,18 +2170,25 @@ RESERVED CVE-2009-3959 RESERVED + NOT-FOR-US: Adobe Reader and Acrobat 8.0 CVE-2009-3958 RESERVED + NOT-FOR-US: Adobe Reader and Acrobat 8.0 CVE-2009-3957 RESERVED + NOT-FOR-US: Adobe Reader and Acrobat 8.0 CVE-2009-3956 RESERVED + NOT-FOR-US: Adobe Reader and Acrobat 8.0 CVE-2009-3955 RESERVED + NOT-FOR-US: Adobe Reader and Acrobat 8.0 CVE-2009-3954 RESERVED + NOT-FOR-US: Adobe Reader and Acrobat 8.0 CVE-2009-3953 RESERVED + NOT-FOR-US: Adobe Reader and Acrobat 8.0 CVE-2009-3952 (Buffer overflow in Adobe Illustrator CS3 13.0.3 and earlier and ...) TODO: check CVE-2009-3951 (Unspecified vulnerability in the Flash Player ActiveX control in Adobe ...) @@ -3096,7 +3105,7 @@ CVE-2009-3642 (Multiple SQL injection vulnerabilities in the Call Logging feature in ...) NOT-FOR-US: FrontRange HEAT CVE-2009-3641 (Snort before 2.8.5.1, when the -v option is enabled, allows remote ...) - - snort <unfixed> (unimportant; bug #553584) + - snort 2.8.5.2-1 (unimportant; bug #553584) NOTE: current debian packages are not compiled with support for ipv6 CVE-2009-3640 (The update_cr8_intercept function in arch/x86/kvm/x86.c in the KVM ...) - linux-2.6 2.6.31-1 (medium) 
@@ -15142,12 +15151,8 @@ CVE-2008-5914 (An unspecified function in the JavaScript implementation in Apple ...) NOT-FOR-US: Apple CVE-2008-5913 (An unspecified function in the JavaScript implementation in Mozilla ...) - - xulrunner <unfixed> (low; bug #559792) - [etch] - xulrunner <no-dsa> (fix requires significant rewrite of prng) - [lenny] - xulrunner <no-dsa> (fix requires significant rewrite of prng) - - iceape <unfixed> (low) - [etch] - iceape <no-dsa> (fix requires significant rewrite of prng) - [lenny] - iceape <no-dsa> (fix requires significant rewrite of prng) + - xulrunner <unfixed> (undetermined; bug #559792) + - iceape <unfixed> (undetermined) CVE-2008-5912 (An unspecified function in the JavaScript implementation in Microsoft ...) NOT-FOR-US: Microsoft CVE-2008-5911 (Multiple buffer overflows in RealNetworks Helix Server and Helix ...) @@ -18383,7 +18388,7 @@ - libgadu 1:1.8.0+r592-3 (low; bug #503916) - kadu 0.6.0.2-3 (low; bug #504429) - ekg 1:1.8~rc0-1 (low) - - centerim <unfixed> (low; bug #559782) + - centerim 4.22.9-1 (low; bug #559782) - qutecom <not-affected> (does not use libgadu embed; bug #559784) CVE-2008-4769 (Directory traversal vulnerability in the get_category_template ...) {DSA-1871-2 DSA-1871-1}
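Review bot: in the @@ -953,15 +953,17 @@ hunk, the drupal5 lines added under CVE-2009-4371 and CVE-2009-4370 read "- drupal5 5.21-1" with no severity, while the drupal5 line under CVE-2009-4369 and all three drupal6 lines carry "(low)". Suggest "- drupal5 5.21-1 (low)" on both so the three XSS entries stay consistent. These two CVEs had no drupal5 line before this revision, so the additions are new tracking rather than a change from <unfixed>, and the log entry "drupal fixed" could say so.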
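Review bot: in the @@ -2168,18 +2170,25 @@ hunk, the seven added lines tag the entries as "NOT-FOR-US: Adobe Reader and Acrobat 8.0", but every other NOT-FOR-US line visible in this diff names only the vendor or product ("NOT-FOR-US: Centreon", "NOT-FOR-US: Apple", "NOT-FOR-US: FrontRange HEAT"). The entries are still RESERVED with no description in the list, so the version in the tag cannot be checked against anything here; suggest "NOT-FOR-US: Adobe Reader and Acrobat" unless the 8.0 is there for a reason, in which case a NOTE line should record it.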
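Review bot: in the @@ -3096,7 +3105,7 @@ hunk, the unchanged context line "NOTE: current debian packages are not compiled with support for ipv6" under CVE-2009-3641 becomes ambiguous once the snort entry records 2.8.5.2-1 as the fixed version, because "current" no longer says whether it means the packages before that upload or 2.8.5.2-1 itself. Suggest rewording the NOTE in the same commit to name the package versions it applies to.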
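Review bot: in the @@ -15142,12 +15151,8 @@ hunk, CVE-2008-5913 loses all four release annotations ("[etch] - xulrunner <no-dsa> (fix requires significant rewrite of prng)" and the matching [lenny] and iceape lines) and both severities move from low to undetermined, yet the log mentions only centerim, drupal, snort and the Adobe NFUs. Dropping the <no-dsa> tags puts etch and lenny back in the open state for xulrunner and iceape and removes the only recorded reason for the earlier triage decision. Suggest a NOTE under the entry explaining why the assessment was withdrawn, and either a log line for it or a separate commit so the change can be found in history.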