Michael Gilbert
2010-Mar-05 02:52 UTC
[Secure-testing-commits] r14191 - in data: . CVE DSA DTSA
Author: gilbert-guest
Date: 2010-03-05 02:52:03 +0000 (Fri, 05 Mar 2010)
New Revision: 14191
Modified:
data/CVE/list
data/DSA/list
data/DTSA/list
data/embedded-code-copies
Log:
fix some more latently vulnerable issues
Modified: data/CVE/list
==================================================================---
data/CVE/list 2010-03-04 21:49:46 UTC (rev 14190)
+++ data/CVE/list 2010-03-05 02:52:03 UTC (rev 14191)
@@ -1477,6 +1477,7 @@
CVE-2010-0300 (cache.c in ircd-ratbox before 2.2.9 allows remote attackers to
cause a ...)
{DSA-1980-1}
- ircd-ratbox 3.0.6.dfsg-1 (low; bug #567191)
+ - ircd-hybrid 1:7.2.2.dfsg.2-6.1 (low)
CVE-2010-0299 (openSUSE 11.2 installs the devtmpfs root directory with insecure
...)
- linux-2.6 2.6.32-6
[etch] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.31)
@@ -5096,6 +5097,7 @@
- linux-2.6.24 <not-affected> (redhat-specific configuration issue)
CVE-2009-3555 (The TLS protocol, and the SSL protocol 3.0 and possibly earlier,
as ...)
{DSA-1934-1}
+ - apache2 2.2.14-2
NOTE: See separate CVE-2009-3555 file in SVN
CVE-2009-3554 (Twiddle in Red Hat JBoss Enterprise Application Platform (aka
JBoss ...)
- jbossas4 4.2.2.GA-1 (bug #562000)
@@ -7569,7 +7571,7 @@
NOT-FOR-US: Apple Mac OS X
CVE-2009-2813 (Samba 3.4 before 3.4.2, 3.3 before 3.3.8, 3.2 before 3.2.15, and
...)
{DSA-1908-1}
- - samba 2:3.4.2-1 (unimportant; bug #550422)
+ - samba 2:3.4.2-1 (bug #550422)
NOTE: requires an administrator to manually configure a user account without
NOTE: a home dir, otherwise, this is ineffective
CVE-2009-2812 (Launch Services in Apple Mac OS X 10.5.8 does not properly
recognize ...)
@@ -10934,6 +10936,7 @@
- qt4-x11 4:4.5.2-1
[etch] - qt4-x11 <not-affected> (QTWebkit was introduced in 4.4)
- kdelibs 3.5.10.dfsg.1-2.1 (medium; bug #534949)
+ - kde4libs 4:4.3.0-1 (medium)
CVE-2009-1697 (CRLF injection vulnerability in WebKit in Apple Safari before
4.0, ...)
{DSA-1950-1}
- webkit 1.1.15.2-1 (medium; bug #535793)
@@ -11713,7 +11716,8 @@
CVE-2009-1438 (Integer overflow in the CSoundFile::ReadMed function ...)
{DSA-1851-1 DSA-1850-1}
- libmodplug 1:0.8.7-1 (low; bug #526657; bug #527076)
- - gst-plugins-bad0.10 <not-affected> (it builds against an external
libmodplug; bug #527075)
+ - gst-plugins-bad0.10 0.10.10.2-1 (bug #527075)
+ NOTE: gstreamer in unstable dynamically linked to external libmodplug
CVE-2009-1437 (Stack-based buffer overflow in PortableApps CoolPlayer Portable
(aka ...)
NOT-FOR-US: CoolPlayer
CVE-2009-1436 (The db interface in libc in FreeBSD 6.3, 6.4, 7.0, 7.1, and ...)
@@ -11855,7 +11859,7 @@
- linux-2.6 2.6.26-16 (low; bug #532721)
- linux-2.6.24 <removed>
CVE-2009-1384 (pam_krb5 2.2.14 through 2.3.4, as used in Red Hat Enterprise
Linux ...)
- NOT-FOR-US: Different code base than Debian''s libpam-krb5
+ - libpam-krb5 <not-affected> (different code base than Debian''s
libpam-krb5)
CVE-2009-1383 (The getdirective function in mathtex.cgi in mathTeX, when
downloaded ...)
- mathtex 1.03-1 (medium; bug #537258)
CVE-2009-1382 (Multiple stack-based buffer overflows in mimetex.cgi in mimeTeX,
when ...)
@@ -14641,6 +14645,7 @@
CVE-2009-0733 (Multiple stack-based buffer overflows in the ReadSetOfCurves
function ...)
{DSA-1769-1 DSA-1745-1}
- lcms 1.18.dfsg-1 (bug #522446)
+ - openjdk-6 <undetermined>
CVE-2009-0732 (Downloadcenter 2.1 stores common.h under the web root with ...)
NOT-FOR-US: Downloadcenter
CVE-2009-0731 (Directory traversal vulnerability in pages/play.php in Free
Arcade ...)
@@ -14662,6 +14667,7 @@
CVE-2009-0723 (Multiple integer overflows in LittleCMS (aka lcms or liblcms)
before ...)
{DSA-1769-1 DSA-1745-1}
- lcms 1.18.dfsg-1 (bug #522446)
+ - openjdk-6 <undetermined>
CVE-2009-0722 (Directory traversal vulnerability in admin.php in Potato News
1.0.0 ...)
NOT-FOR-US: Potato News
CVE-2009-0721 (Unspecified vulnerability in Easy Login in the Sender module in
HP ...)
@@ -15335,6 +15341,7 @@
CVE-2009-0581 (Memory leak in LittleCMS (aka lcms or liblcms) before 1.18beta2,
as ...)
{DSA-1769-1 DSA-1745-1}
- lcms 1.18.dfsg-1 (bug #522446)
+ - openjdk-6 <undetermined>
CVE-2009-0580 (Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and
6.0.0 ...)
- tomcat6 6.0.20-1 (low; bug #532362)
- tomcat5 <removed> (low; bug #532363)
@@ -17011,7 +17018,7 @@
- hplip <not-affected> (only a bug in ubuntus postinst script, we use
our own postinst which is not vulnerable)
CVE-2008-5907 (The png_check_keyword function in pngwutil.c in libpng before
1.0.42, ...)
{DSA-1750-1}
- - libpng 1.2.35-1 (unimportant; bug #512665)
+ - libpng 1.2.35-1 (bug #512665)
NOTE: Only an issues when using libpng to create out-of-spec images
CVE-2008-5906 (Eval injection vulnerability in the web interface plugin in
KTorrent ...)
- ktorrent2.2 2.2.8.dfsg.1-1 (bug #504178)
@@ -20534,6 +20541,7 @@
- xulrunner 1.9.0.4-1
- iceweasel 3.0.4-1
- iceape 1.1.13-1
+ - icedove 2.0.0.19-1
CVE-2008-4581 (The Editor in IBM ENOVIA SmarTeam 5 before release 18 SP5, and
release ...)
NOT-FOR-US: IBM ENOVIA SmarTeam
CVE-2008-4580 (fence_manual, as used in fence 2.02.00-r1 and possibly cman,
allows ...)
@@ -24959,6 +24967,7 @@
- iceweasel 3.0~b2-1
- iceape 1.1.10-1
- xulrunner 1.9.0.1-1
+ - icedove 2.0.0.16-1
CVE-2008-2802 (Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and
earlier, and ...)
{DSA-1697-1 DSA-1621-1 DSA-1615-1 DSA-1607-1}
- iceweasel 3.0~b2-1
@@ -28103,6 +28112,7 @@
- bind9 1:9.5.0.dfsg-5 (high)
NOTE: glibc stub resolver relies on source port randomisation in kernel
- dnsmasq 2.43-1 (medium; bug #490123)
+ - refpolicy 2:0.0.20080702-1
- pdnsd 1.2.6-par-11 (bug #502275)
- python-dns 2.3.1-5 (low; bug #490217)
- dnspython <unfixed> (unimportant; bug #492465)
@@ -28564,7 +28574,7 @@
NOT-FOR-US: Shared Sun StorEdge QFS and SAM-QFS
CVE-2008-1270 (mod_userdir in lighttpd 1.4.18 and earlier, when userdir.path is
not ...)
{DSA-1521-1}
- - lighttpd 1.4.19-1 (unimportant)
+ - lighttpd 1.4.19-1
NOTE: user configuration error, default documented in moduserdir documentation
CVE-2008-1269 (cp06_wifi_m_nocifr.cgi in the admin panel on the Alice Gate 2
Plus ...)
NOT-FOR-US: Alice Gate 2 Plus router firmware
@@ -30171,11 +30181,13 @@
- iceweasel 2.0.0.12-1
- xulrunner 1.8.1.12-1
- iceape 1.1.8-1
+ - icedove 2.0.0.12-1
CVE-2008-0592 (Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8
allows ...)
{DSA-1506-1 DSA-1489-1 DSA-1485-2 DSA-1484-1}
- iceweasel 2.0.0.12-1
- xulrunner 1.8.1.12-1
- iceape 1.1.8-1
+ - icedove 2.0.0.12-1
CVE-2008-0591 (Mozilla Firefox before 2.0.0.12 and Thunderbird before 2.0.0.12
does ...)
{DSA-1506-1 DSA-1489-1 DSA-1484-1}
- iceweasel 2.0.0.12-1
@@ -30613,6 +30625,7 @@
- iceweasel 2.0.0.12-1
- xulrunner 1.8.1.12-1
- iceape 1.1.8-1
+ - icedove 2.0.0.12-1
CVE-2008-0416 (Multiple cross-site scripting (XSS) vulnerabilities in Mozilla
Firefox ...)
{DSA-1506-1 DSA-1489-1 DSA-1485-2 DSA-1484-1}
- iceweasel 2.0.0.12-1
@@ -30630,6 +30643,7 @@
- iceweasel 2.0.0.12-1
- xulrunner 1.8.1.12-1
- iceape 1.1.8-1
+ - icedove 2.0.0.12-1
CVE-2008-0413 (The JavaScript engine in Mozilla Firefox before 2.0.0.12,
Thunderbird ...)
{DSA-1506-1 DSA-1489-1 DSA-1485-2 DSA-1484-1}
- iceweasel 2.0.0.12-1
@@ -35610,6 +35624,7 @@
{DSA-1743-1 DSA-1416-1 DSA-1415-1}
- tk8.3 8.3.5-10 (medium; bug #446465)
- tk8.4 8.4.16-1 (medium)
+ - libtk-img 1.3-release-8 (medium)
CVE-2007-5377 (The (1) tramp-make-temp-file and (2) tramp-make-tramp-temp-file
...)
- tramp <not-affected> (the version we ship still uses make-temp-file)
- emacs22 <not-affected> (the version we ship still uses make-temp-file)
@@ -36342,6 +36357,7 @@
[etch] - tk8.4 <not-affected> (Vulnerability was introduced in 8.4.13)
[sarge] - tk8.4 <not-affected> (Vulnerability was introduced in 8.4.13)
- tk8.3 <not-affected> (Vulnerability was introduced in 8.4.13)
+ - libtk-img 1.3-release-8
CVE-2007-5136 (Cross-site scripting (XSS) vulnerability in DFD Cart 1.1.4 and
earlier ...)
NOT-FOR-US: DFD Cart
CVE-2007-5134 (Cisco Catalyst 6500 and Cisco 7600 series devices use 127/8 IP
...)
@@ -41836,10 +41852,10 @@
CVE-2007-2869 (The form autocomplete feature in Mozilla Firefox 1.5.x before
...)
{DSA-1308-1 DSA-1306-1 DTSA-45-1 DTSA-51-1}
NOTE: MFSA2007-13
- - iceweasel 2.0.0.4-1 (unimportant)
- - iceape 1.1.2-1 (unimportant)
- - mozilla <removed> (unimportant)
- - xulrunner 1.8.1.4-1 (unimportant)
+ - iceweasel 2.0.0.4-1
+ - iceape 1.1.2-1
+ - mozilla <removed>
+ - xulrunner 1.8.1.4-1
CVE-2007-2868 (Multiple vulnerabilities in the JavaScript engine for Mozilla
Firefox ...)
{DSA-1308-1 DSA-1306-1 DSA-1305-1 DSA-1300-1 DTSA-45-1 DTSA-46-1 DTSA-47-1
DTSA-51-1}
NOTE: MFSA2007-12
@@ -42862,8 +42878,8 @@
{DSA-1613-1}
- libgd2 2.0.35.dfsg-1 (low)
[etch] - libgd2 2.0.33-5.2etch1 (low)
- - libpng 1.2.15~beta5-2 (unimportant)
- - libpng3 <not-affected> (unimportant)
+ - libpng 1.2.15~beta5-2
+ - libpng3 <not-affected>
[etch] - libpng 1.2.15~beta5-1+etch2
NOTE: Only a crash, no code injection. Calling this DoS stretches things
rather far
CVE-2007-2444 (Logic error in the SID/Name translation functionality in smbd in
Samba ...)
@@ -45045,11 +45061,10 @@
{DSA-1305-1 DSA-1300-1 DTSA-46-1 DTSA-47-1}
NOTE: Affects various clients, but no practical security implications
NOTE: MFSA2007-15
- - icedove 2.0.0.4-1 (unimportant)
- - iceape 1.1.2-1 (unimportant)
+ - icedove 2.0.0.4-1
+ - iceape 1.1.2-1
- fetchmail 6.3.8-1 (unimportant)
- - mailfilter <unfixed> (unimportant)
- NOTE: fixed in mailfilter upstream 0.8.2
+ - mailfilter 0.8.2-1
- mutt 1.5.18-6 (unimportant)
NOTE: i couldn''t pinpoint exact mutt fixed version, but
lenny''s version has the
NOTE: patch and etch''s version does not
(http://dev.mutt.org/trac/ticket/2846)
@@ -46361,7 +46376,7 @@
- epiphany-browser <unfixed> (unimportant; bug #556272)
NOTE: only epiphany-gecko backend affected
- galeon <unfixed> (unimportant; bug #556270)
- - kazehakase 0.5.8-2 (unimportant; bug #556271)
+ - kazehakase 0.5.8-2 (bug #556271)
TODO: next point release: [etch] - kazehakase 0.4.2-1etch2
[lenny] - kazehakase 0.5.4-2lenny1
- conkeror <not-affected> (doesn''t support bookmarks)
Modified: data/DSA/list
==================================================================---
data/DSA/list 2010-03-04 21:49:46 UTC (rev 14190)
+++ data/DSA/list 2010-03-05 02:52:03 UTC (rev 14191)
@@ -3504,7 +3504,7 @@
[sarge] - util-vserver 0.30.204-5sarge3
NOTE: not fixed in testing at the time of DSA
[21 Mar 2006] DSA-1010-1 ilohamail - missing input sanitising
- {CVE-2006-1236}
+ {CVE-2005-1120}
[sarge] - ilohamail 0.8.14-0rc3sarge1
NOTE: not fixed in testing at the time of DSA (too young)
[21 Mar 2006] DSA-1009-1 crossfire - buffer overflow
Modified: data/DTSA/list
==================================================================---
data/DTSA/list 2010-03-04 21:49:46 UTC (rev 14190)
+++ data/DTSA/list 2010-03-05 02:52:03 UTC (rev 14191)
@@ -159,7 +159,7 @@
{CVE-2007-1614}
[lenny] - zziplib 0.12.83-8lenny1
[September 9th, 2007] DTSA-57-1 gforge - sql injection
- {CVE-2007-3913 CVE-2007-4966}
+ {CVE-2007-3913}
[lenny] - gforge 4.5.14-23lenny2
[September 13th, 2007] DTSA-58-1 phpgroupware - cross scripting vulnerability
{CVE-2007-4048}
@@ -194,7 +194,7 @@
{CVE-2007-5373}
[lenny] - ldapscripts 1.4-2+lenny1
[October 23rd, 2007] DTSA-69-1 xulrunner - several vulnerabilities
- {CVE-2007-5339 CVE-2007-5340 CVE-2007-1095 CVE-2007-2292 CVE-2007-3511
CVE-2006-2894 CVE-2007-5334 CVE-2007-5337 CVE-2007-5338 CVE-2007-4841}
+ {CVE-2007-5339 CVE-2007-5340 CVE-2007-1095 CVE-2007-2292 CVE-2007-3511
CVE-2006-2894 CVE-2007-5334 CVE-2007-5337 CVE-2007-5338}
[lenny] - xulrunner 1.8.0.14~pre071019b-0lenny1
[October 23rd, 2007] DTSA-70-1 loop-aes-utils - privilege escalation
{CVE-2007-5191}
Modified: data/embedded-code-copies
==================================================================---
data/embedded-code-copies 2010-03-04 21:49:46 UTC (rev 14190)
+++ data/embedded-code-copies 2010-03-05 02:52:03 UTC (rev 14191)
@@ -446,7 +446,7 @@
[sarge] - tla <unfixed> (embed; bug #395877)
libmodplug
- - gst-plugins-bad0.10 <unfixed> (embed)
+ - gst-plugins-bad0.10 0.10.10.2-1 (embed)
libvncserver
- vino <unfixed> (embed)
@@ -935,6 +935,7 @@
lcms
- openjdk-6 <unfixed> (fork)
+ - gimp 2.4.0~rc2-2
libphp-phplayersmenu
- diogenes <unfixed>