Secure testing commits - Mar 2010 - r14229 - data/CVE

Author: geissert
Date: 2010-03-09 01:30:40 +0000 (Tue, 09 Mar 2010)
New Revision: 14229

Modified:
   data/CVE/list
Log:
new vlc, phpbb3 issues, php5 issue not relevant


Modified: data/CVE/list
==================================================================---
data/CVE/list	2010-03-08 23:35:36 UTC (rev 14228)
+++ data/CVE/list	2010-03-09 01:30:40 UTC (rev 14229)
@@ -1,3 +1,9 @@
+CVE-2010-XXXX [vlc bookmarks memory corruption]
+	- vlc <undetermined>
+	NOTE: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2010-4931.php
+CVE-2010-XXXX [phpbb 3.0.7 permissions bypass]
+	- phpbb3 <not-affected> (older version is in the archive)
+	NOTE: http://www.phpbb.com/community/viewtopic.php?f=14&t=2014195
 CVE-2010-0928 (OpenSSL 0.9.8i on the Gaisler Research LEON3 SoC on the Xilinx
...)
 	TODO: check
 CVE-2010-0926
@@ -2988,9 +2994,6 @@
 	NOT-FOR-US: IBM DB2
 CVE-2009-4325 (The Client Interfaces component in IBM DB2 8.2 before FP18, 9.1
before ...)
 	NOT-FOR-US: IBM DB2
-CVE-2009-XXXX [libapache2-mod-php5: potential disclosure of private php files]
-	- php5 5.2.11.dfsg.1-2 (low; bug #562006)
-	NOTE: not sure if it should be treated as an issue, probably not
 CVE-2009-XXXX [libhaml-ruby XSS issue]
 	- libhaml-ruby 2.2.8-1
 CVE-2009-XXXX [roundup: unspecified issue]