Michael Gilbert
2010-Mar-05 02:52 UTC
[Secure-testing-commits] r14191 - in data: . CVE DSA DTSA
Author: gilbert-guest Date: 2010-03-05 02:52:03 +0000 (Fri, 05 Mar 2010) New Revision: 14191 Modified: data/CVE/list data/DSA/list data/DTSA/list data/embedded-code-copies Log: fix some more latently vulnerable issues Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-03-04 21:49:46 UTC (rev 14190) +++ data/CVE/list 2010-03-05 02:52:03 UTC (rev 14191) @@ -1477,6 +1477,7 @@ CVE-2010-0300 (cache.c in ircd-ratbox before 2.2.9 allows remote attackers to cause a ...) {DSA-1980-1} - ircd-ratbox 3.0.6.dfsg-1 (low; bug #567191) + - ircd-hybrid 1:7.2.2.dfsg.2-6.1 (low) CVE-2010-0299 (openSUSE 11.2 installs the devtmpfs root directory with insecure ...) - linux-2.6 2.6.32-6 [etch] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.31) @@ -5096,6 +5097,7 @@ - linux-2.6.24 <not-affected> (redhat-specific configuration issue) CVE-2009-3555 (The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as ...) {DSA-1934-1} + - apache2 2.2.14-2 NOTE: See separate CVE-2009-3555 file in SVN CVE-2009-3554 (Twiddle in Red Hat JBoss Enterprise Application Platform (aka JBoss ...) - jbossas4 4.2.2.GA-1 (bug #562000) @@ -7569,7 +7571,7 @@ NOT-FOR-US: Apple Mac OS X CVE-2009-2813 (Samba 3.4 before 3.4.2, 3.3 before 3.3.8, 3.2 before 3.2.15, and ...) {DSA-1908-1} - - samba 2:3.4.2-1 (unimportant; bug #550422) + - samba 2:3.4.2-1 (bug #550422) NOTE: requires an administrator to manually configure a user account without NOTE: a home dir, otherwise, this is ineffective CVE-2009-2812 (Launch Services in Apple Mac OS X 10.5.8 does not properly recognize ...) @@ -10934,6 +10936,7 @@ - qt4-x11 4:4.5.2-1 [etch] - qt4-x11 <not-affected> (QTWebkit was introduced in 4.4) - kdelibs 3.5.10.dfsg.1-2.1 (medium; bug #534949) + - kde4libs 4:4.3.0-1 (medium) CVE-2009-1697 (CRLF injection vulnerability in WebKit in Apple Safari before 4.0, ...) {DSA-1950-1} - webkit 1.1.15.2-1 (medium; bug #535793) @@ -11713,7 +11716,8 @@ CVE-2009-1438 (Integer overflow in the CSoundFile::ReadMed function ...) {DSA-1851-1 DSA-1850-1} - libmodplug 1:0.8.7-1 (low; bug #526657; bug #527076) - - gst-plugins-bad0.10 <not-affected> (it builds against an external libmodplug; bug #527075) + - gst-plugins-bad0.10 0.10.10.2-1 (bug #527075) + NOTE: gstreamer in unstable dynamically linked to external libmodplug CVE-2009-1437 (Stack-based buffer overflow in PortableApps CoolPlayer Portable (aka ...) NOT-FOR-US: CoolPlayer CVE-2009-1436 (The db interface in libc in FreeBSD 6.3, 6.4, 7.0, 7.1, and ...) @@ -11855,7 +11859,7 @@ - linux-2.6 2.6.26-16 (low; bug #532721) - linux-2.6.24 <removed> CVE-2009-1384 (pam_krb5 2.2.14 through 2.3.4, as used in Red Hat Enterprise Linux ...) - NOT-FOR-US: Different code base than Debian''s libpam-krb5 + - libpam-krb5 <not-affected> (different code base than Debian''s libpam-krb5) CVE-2009-1383 (The getdirective function in mathtex.cgi in mathTeX, when downloaded ...) - mathtex 1.03-1 (medium; bug #537258) CVE-2009-1382 (Multiple stack-based buffer overflows in mimetex.cgi in mimeTeX, when ...) @@ -14641,6 +14645,7 @@ CVE-2009-0733 (Multiple stack-based buffer overflows in the ReadSetOfCurves function ...) {DSA-1769-1 DSA-1745-1} - lcms 1.18.dfsg-1 (bug #522446) + - openjdk-6 <undetermined> CVE-2009-0732 (Downloadcenter 2.1 stores common.h under the web root with ...) NOT-FOR-US: Downloadcenter CVE-2009-0731 (Directory traversal vulnerability in pages/play.php in Free Arcade ...) @@ -14662,6 +14667,7 @@ CVE-2009-0723 (Multiple integer overflows in LittleCMS (aka lcms or liblcms) before ...) {DSA-1769-1 DSA-1745-1} - lcms 1.18.dfsg-1 (bug #522446) + - openjdk-6 <undetermined> CVE-2009-0722 (Directory traversal vulnerability in admin.php in Potato News 1.0.0 ...) NOT-FOR-US: Potato News CVE-2009-0721 (Unspecified vulnerability in Easy Login in the Sender module in HP ...) @@ -15335,6 +15341,7 @@ CVE-2009-0581 (Memory leak in LittleCMS (aka lcms or liblcms) before 1.18beta2, as ...) {DSA-1769-1 DSA-1745-1} - lcms 1.18.dfsg-1 (bug #522446) + - openjdk-6 <undetermined> CVE-2009-0580 (Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 ...) - tomcat6 6.0.20-1 (low; bug #532362) - tomcat5 <removed> (low; bug #532363) @@ -17011,7 +17018,7 @@ - hplip <not-affected> (only a bug in ubuntus postinst script, we use our own postinst which is not vulnerable) CVE-2008-5907 (The png_check_keyword function in pngwutil.c in libpng before 1.0.42, ...) {DSA-1750-1} - - libpng 1.2.35-1 (unimportant; bug #512665) + - libpng 1.2.35-1 (bug #512665) NOTE: Only an issues when using libpng to create out-of-spec images CVE-2008-5906 (Eval injection vulnerability in the web interface plugin in KTorrent ...) - ktorrent2.2 2.2.8.dfsg.1-1 (bug #504178) @@ -20534,6 +20541,7 @@ - xulrunner 1.9.0.4-1 - iceweasel 3.0.4-1 - iceape 1.1.13-1 + - icedove 2.0.0.19-1 CVE-2008-4581 (The Editor in IBM ENOVIA SmarTeam 5 before release 18 SP5, and release ...) NOT-FOR-US: IBM ENOVIA SmarTeam CVE-2008-4580 (fence_manual, as used in fence 2.02.00-r1 and possibly cman, allows ...) @@ -24959,6 +24967,7 @@ - iceweasel 3.0~b2-1 - iceape 1.1.10-1 - xulrunner 1.9.0.1-1 + - icedove 2.0.0.16-1 CVE-2008-2802 (Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and ...) {DSA-1697-1 DSA-1621-1 DSA-1615-1 DSA-1607-1} - iceweasel 3.0~b2-1 @@ -28103,6 +28112,7 @@ - bind9 1:9.5.0.dfsg-5 (high) NOTE: glibc stub resolver relies on source port randomisation in kernel - dnsmasq 2.43-1 (medium; bug #490123) + - refpolicy 2:0.0.20080702-1 - pdnsd 1.2.6-par-11 (bug #502275) - python-dns 2.3.1-5 (low; bug #490217) - dnspython <unfixed> (unimportant; bug #492465) @@ -28564,7 +28574,7 @@ NOT-FOR-US: Shared Sun StorEdge QFS and SAM-QFS CVE-2008-1270 (mod_userdir in lighttpd 1.4.18 and earlier, when userdir.path is not ...) {DSA-1521-1} - - lighttpd 1.4.19-1 (unimportant) + - lighttpd 1.4.19-1 NOTE: user configuration error, default documented in moduserdir documentation CVE-2008-1269 (cp06_wifi_m_nocifr.cgi in the admin panel on the Alice Gate 2 Plus ...) NOT-FOR-US: Alice Gate 2 Plus router firmware @@ -30171,11 +30181,13 @@ - iceweasel 2.0.0.12-1 - xulrunner 1.8.1.12-1 - iceape 1.1.8-1 + - icedove 2.0.0.12-1 CVE-2008-0592 (Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8 allows ...) {DSA-1506-1 DSA-1489-1 DSA-1485-2 DSA-1484-1} - iceweasel 2.0.0.12-1 - xulrunner 1.8.1.12-1 - iceape 1.1.8-1 + - icedove 2.0.0.12-1 CVE-2008-0591 (Mozilla Firefox before 2.0.0.12 and Thunderbird before 2.0.0.12 does ...) {DSA-1506-1 DSA-1489-1 DSA-1484-1} - iceweasel 2.0.0.12-1 @@ -30613,6 +30625,7 @@ - iceweasel 2.0.0.12-1 - xulrunner 1.8.1.12-1 - iceape 1.1.8-1 + - icedove 2.0.0.12-1 CVE-2008-0416 (Multiple cross-site scripting (XSS) vulnerabilities in Mozilla Firefox ...) {DSA-1506-1 DSA-1489-1 DSA-1485-2 DSA-1484-1} - iceweasel 2.0.0.12-1 @@ -30630,6 +30643,7 @@ - iceweasel 2.0.0.12-1 - xulrunner 1.8.1.12-1 - iceape 1.1.8-1 + - icedove 2.0.0.12-1 CVE-2008-0413 (The JavaScript engine in Mozilla Firefox before 2.0.0.12, Thunderbird ...) {DSA-1506-1 DSA-1489-1 DSA-1485-2 DSA-1484-1} - iceweasel 2.0.0.12-1 @@ -35610,6 +35624,7 @@ {DSA-1743-1 DSA-1416-1 DSA-1415-1} - tk8.3 8.3.5-10 (medium; bug #446465) - tk8.4 8.4.16-1 (medium) + - libtk-img 1.3-release-8 (medium) CVE-2007-5377 (The (1) tramp-make-temp-file and (2) tramp-make-tramp-temp-file ...) - tramp <not-affected> (the version we ship still uses make-temp-file) - emacs22 <not-affected> (the version we ship still uses make-temp-file) @@ -36342,6 +36357,7 @@ [etch] - tk8.4 <not-affected> (Vulnerability was introduced in 8.4.13) [sarge] - tk8.4 <not-affected> (Vulnerability was introduced in 8.4.13) - tk8.3 <not-affected> (Vulnerability was introduced in 8.4.13) + - libtk-img 1.3-release-8 CVE-2007-5136 (Cross-site scripting (XSS) vulnerability in DFD Cart 1.1.4 and earlier ...) NOT-FOR-US: DFD Cart CVE-2007-5134 (Cisco Catalyst 6500 and Cisco 7600 series devices use 127/8 IP ...) @@ -41836,10 +41852,10 @@ CVE-2007-2869 (The form autocomplete feature in Mozilla Firefox 1.5.x before ...) {DSA-1308-1 DSA-1306-1 DTSA-45-1 DTSA-51-1} NOTE: MFSA2007-13 - - iceweasel 2.0.0.4-1 (unimportant) - - iceape 1.1.2-1 (unimportant) - - mozilla <removed> (unimportant) - - xulrunner 1.8.1.4-1 (unimportant) + - iceweasel 2.0.0.4-1 + - iceape 1.1.2-1 + - mozilla <removed> + - xulrunner 1.8.1.4-1 CVE-2007-2868 (Multiple vulnerabilities in the JavaScript engine for Mozilla Firefox ...) {DSA-1308-1 DSA-1306-1 DSA-1305-1 DSA-1300-1 DTSA-45-1 DTSA-46-1 DTSA-47-1 DTSA-51-1} NOTE: MFSA2007-12 @@ -42862,8 +42878,8 @@ {DSA-1613-1} - libgd2 2.0.35.dfsg-1 (low) [etch] - libgd2 2.0.33-5.2etch1 (low) - - libpng 1.2.15~beta5-2 (unimportant) - - libpng3 <not-affected> (unimportant) + - libpng 1.2.15~beta5-2 + - libpng3 <not-affected> [etch] - libpng 1.2.15~beta5-1+etch2 NOTE: Only a crash, no code injection. Calling this DoS stretches things rather far CVE-2007-2444 (Logic error in the SID/Name translation functionality in smbd in Samba ...) @@ -45045,11 +45061,10 @@ {DSA-1305-1 DSA-1300-1 DTSA-46-1 DTSA-47-1} NOTE: Affects various clients, but no practical security implications NOTE: MFSA2007-15 - - icedove 2.0.0.4-1 (unimportant) - - iceape 1.1.2-1 (unimportant) + - icedove 2.0.0.4-1 + - iceape 1.1.2-1 - fetchmail 6.3.8-1 (unimportant) - - mailfilter <unfixed> (unimportant) - NOTE: fixed in mailfilter upstream 0.8.2 + - mailfilter 0.8.2-1 - mutt 1.5.18-6 (unimportant) NOTE: i couldn''t pinpoint exact mutt fixed version, but lenny''s version has the NOTE: patch and etch''s version does not (http://dev.mutt.org/trac/ticket/2846) @@ -46361,7 +46376,7 @@ - epiphany-browser <unfixed> (unimportant; bug #556272) NOTE: only epiphany-gecko backend affected - galeon <unfixed> (unimportant; bug #556270) - - kazehakase 0.5.8-2 (unimportant; bug #556271) + - kazehakase 0.5.8-2 (bug #556271) TODO: next point release: [etch] - kazehakase 0.4.2-1etch2 [lenny] - kazehakase 0.5.4-2lenny1 - conkeror <not-affected> (doesn''t support bookmarks) Modified: data/DSA/list ==================================================================--- data/DSA/list 2010-03-04 21:49:46 UTC (rev 14190) +++ data/DSA/list 2010-03-05 02:52:03 UTC (rev 14191) @@ -3504,7 +3504,7 @@ [sarge] - util-vserver 0.30.204-5sarge3 NOTE: not fixed in testing at the time of DSA [21 Mar 2006] DSA-1010-1 ilohamail - missing input sanitising - {CVE-2006-1236} + {CVE-2005-1120} [sarge] - ilohamail 0.8.14-0rc3sarge1 NOTE: not fixed in testing at the time of DSA (too young) [21 Mar 2006] DSA-1009-1 crossfire - buffer overflow Modified: data/DTSA/list ==================================================================--- data/DTSA/list 2010-03-04 21:49:46 UTC (rev 14190) +++ data/DTSA/list 2010-03-05 02:52:03 UTC (rev 14191) @@ -159,7 +159,7 @@ {CVE-2007-1614} [lenny] - zziplib 0.12.83-8lenny1 [September 9th, 2007] DTSA-57-1 gforge - sql injection - {CVE-2007-3913 CVE-2007-4966} + {CVE-2007-3913} [lenny] - gforge 4.5.14-23lenny2 [September 13th, 2007] DTSA-58-1 phpgroupware - cross scripting vulnerability {CVE-2007-4048} @@ -194,7 +194,7 @@ {CVE-2007-5373} [lenny] - ldapscripts 1.4-2+lenny1 [October 23rd, 2007] DTSA-69-1 xulrunner - several vulnerabilities - {CVE-2007-5339 CVE-2007-5340 CVE-2007-1095 CVE-2007-2292 CVE-2007-3511 CVE-2006-2894 CVE-2007-5334 CVE-2007-5337 CVE-2007-5338 CVE-2007-4841} + {CVE-2007-5339 CVE-2007-5340 CVE-2007-1095 CVE-2007-2292 CVE-2007-3511 CVE-2006-2894 CVE-2007-5334 CVE-2007-5337 CVE-2007-5338} [lenny] - xulrunner 1.8.0.14~pre071019b-0lenny1 [October 23rd, 2007] DTSA-70-1 loop-aes-utils - privilege escalation {CVE-2007-5191} Modified: data/embedded-code-copies ==================================================================--- data/embedded-code-copies 2010-03-04 21:49:46 UTC (rev 14190) +++ data/embedded-code-copies 2010-03-05 02:52:03 UTC (rev 14191) @@ -446,7 +446,7 @@ [sarge] - tla <unfixed> (embed; bug #395877) libmodplug - - gst-plugins-bad0.10 <unfixed> (embed) + - gst-plugins-bad0.10 0.10.10.2-1 (embed) libvncserver - vino <unfixed> (embed) @@ -935,6 +935,7 @@ lcms - openjdk-6 <unfixed> (fork) + - gimp 2.4.0~rc2-2 libphp-phplayersmenu - diogenes <unfixed>