thr3ads.net - Secure testing commits - [Secure-testing-commits] r14323

If this information is useful, please help other people find it:
Share via:

Moritz Muehlenhoff

2010-Mar-24 18:29 UTC

[Secure-testing-commits] r14323 - data/CVE

Author: jmm-guest
Date: 2010-03-24 18:29:29 +0000 (Wed, 24 Mar 2010)
New Revision: 14323

Modified:
   data/CVE/list
Log:
- gnash no-dsa
- egroupware fckeditor issue was also fixed in recent DSA by removing
  unused code chunks
- kfreebsd not yet supported in Lenny
- one gnome-screensaver fixed and no-dsa
- mailfilter unimportant


Modified: data/CVE/list
==================================================================---
data/CVE/list	2010-03-24 18:26:26 UTC (rev 14322)
+++ data/CVE/list	2010-03-24 18:29:29 UTC (rev 14323)
@@ -2186,10 +2186,10 @@
 	[lenny] - typo3-src <not-affected> (Only affects 4.3.x)
 	NOTE: http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-001/
 CVE-2010-0285 (gnome-screensaver 2.14.3, 2.22.2, 2.27.x, 2.28.0, and 2.28.3,
when the ...)
-	- gnome-screensaver <unfixed> (low)
+	- gnome-screensaver 2.28.3-1 (low)
+	[lenny] - gnome-screensaver <no-dsa> (Minor issue)
 	NOTE:
http://git.gnome.org/browse/gnome-screensaver/commit/?id=2f597ea9f1f363277fd4dfc109fa41bbc6225aca
 	NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=593616
-	TODO: file bug, check affected versions
 CVE-2010-0284
 	RESERVED
 CVE-2010-0283 (The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5)
1.7 ...)
@@ -5095,6 +5095,7 @@
 	[etch] - ggobi <no-dsa> (Minor issue)
 	[lenny] - ggobi <no-dsa> (Minor issue)
 	- gnash 0.8.7-2 (low; bug #559808)
+	[lenny] - gnash <no-dsa> (Minor issue)
 	- gnu-smalltalk 3.1-2 (low; bug #559809)
 	[lenny] - gnu-smalltalk <no-dsa> (Minor issue)
 	[etch] - gnu-smalltalk <no-dsa> (Minor issue)
@@ -9036,6 +9037,7 @@
 	- kfreebsd-8 <undetermined> (bug #572811)
 	- kfreebsd-7 <undetermined> (bug #572811)
 	- kfreebsd-6 <removed> (bug #572811)
+	[lenny] - kfreebsd-6 <no-dsa> (KFreebsd not supported)
 CVE-2009-2648 (FlashDen Guestbook allows remote attackers to obtain
configuration ...)
 	NOT-FOR-US: FlashDen Guestbook
 CVE-2009-2647 (Unspecified vulnerability in Kaspersky Anti-Virus 2010 and
Kaspersky ...)
@@ -10135,8 +10137,8 @@
 	[etch] - moin <not-affected> (Vulnerable code not present)
 	NOTE: moin in lenny provides FCKeditor as example files (/usr/share/doc)
 	- request-tracker3.8 <not-affected> (Vulnerable code not present)
-	- egroupware 1.6.002+dfsg-1 (medium)
-	NOTE: egroupware is orphaned
+	- egroupware 1.6.002+dfsg-1 (low)
+	[lenny] - egroupware 1.4.004-2.dfsg-4.2
 	- gforge 4.6.99+svn6225-1
 	[etch] - gforge <not-affected> (doesn''t contain FCKeditor)
 	- knowledgeroot 0.9.8.5-3 (medium; bug #538722)
@@ -45741,7 +45743,7 @@
 	- icedove 2.0.0.4-1
 	- iceape 1.1.2-1
 	- fetchmail 6.3.8-1 (unimportant)
-	- mailfilter 0.8.2-1
+	- mailfilter 0.8.2-1 (unimportant)
 	- mutt 1.5.18-6 (unimportant)
 	NOTE: i couldn''t pinpoint exact mutt fixed version, but
lenny''s version has the
 	NOTE: patch and etch''s version does not
(http://dev.mutt.org/trac/ticket/2846)

Secure testing commits - Mar 2010 - r14323 - data/CVE

[Secure-testing-commits] r14323 - data/CVE