Author: gilbert-guest
Date: 2010-03-18 02:10:51 +0000 (Thu, 18 Mar 2010)
New Revision: 14288
Modified:
data/CVE/list
data/DSA/list
Log:
fix tracking for drbd issue
Modified: data/CVE/list
==================================================================---
data/CVE/list 2010-03-17 21:14:27 UTC (rev 14287)
+++ data/CVE/list 2010-03-18 02:10:51 UTC (rev 14288)
@@ -47,6 +47,14 @@
CVE-2010-XXXX [ikiwiki htmlscrubber XSS via svg images]
- ikiwiki 3.20100312 (low)
NOTE: CVE id requested on oss-sec
+CVE-2010-XXXX [linux-2.6 drbd connector issue]
+ - linux-2.6 <not-affected> (drbd introduced in 2.6.33, which is not yet
in unstable)
+ NOTE: checked 2.6.33-1~experimental.3, and the fix is already applied
+ TODO: fix tracking once kernel >= 2.6.33 enters unstable
+ - drbd8 <unfixed>
+ [lenny] - drbd8 2:8.0.14-2+lenny1
+ NOTE: DSA-2015-1
+ NOTE: CVE requested at http://www.openwall.com/lists/oss-security/2010/03/11/9
CVE-2009-4718 (SQL injection vulnerability in visitorduration.php in Gonafish
...)
NOT-FOR-US: Gonafish WebStatCaffe
CVE-2009-4717 (Multiple cross-site scripting (XSS) vulnerabilities in Gonafish
...)
Modified: data/DSA/list
==================================================================---
data/DSA/list 2010-03-17 21:14:27 UTC (rev 14287)
+++ data/DSA/list 2010-03-18 02:10:51 UTC (rev 14288)
@@ -2,7 +2,6 @@
[lenny] - pulseaudio 0.9.10-3+lenny2
{CVE-2009-1299}
[15 Mar 2010] DSA-2015-1 drbd8 linux-modules-extra-2.6 - privilege escalation
- {CVE-2009-3725}
[lenny] - drbd8 2:8.0.14-2+lenny1
[lenny] - linux-modules-extra-2.6 2.6.26-6+lenny3
[13 Mar 2010] DSA-2016-1 drupal6 - several vulnerabilities