Author: gilbert-guest Date: 2010-03-31 03:12:35 +0000 (Wed, 31 Mar 2010) New Revision: 14358 Modified: data/CVE/list Log: new oss-sec issues Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-03-30 21:14:51 UTC (rev 14357) +++ data/CVE/list 2010-03-31 03:12:35 UTC (rev 14358) @@ -1,3 +1,7 @@ +CVE-2010-1188 [linux-2.6: ipv6 skb unexpectedly freed] + - linux-2.6 2.6.20-1 +CVE-2010-1187 [linux-2.6: ticp oops] + - linux-2.6 <unfixed> CVE-2010-1185 (Stack-based buffer overflow in serv.exe in SAP MaxDB 7.4.3.32, and ...) TODO: check CVE-2010-1184 (The Microsoft wireless keyboard uses XOR encryption with a key derived ...) @@ -1038,9 +1042,13 @@ - shibboleth-sp2 <unfixed> (low; bug #571631) [lenny] - shibboleth-sp2 <no-dsa> (Minor issue) - shibboleth-sp <not-affected> (Vulnerable code not present) -CVE-2010-XXXX [libesmtp doesn''t handle null bytes in commonname] +CVE-2010-1192 [libesmtp doesn''t handle null bytes in commonname] - libesmtp <unfixed> (bug #572960) NOTE: http://www.openwall.com/lists/oss-security/2010/03/03/6 +CVE-2010-1193 [libesmtp wildcard handling] + - libesmtp <undetermined> + NOTE: http://www.openwall.com/lists/oss-security/2010/03/30/10 + TODO: check CVE-2010-XXXX [argyll unsafe udev rules] - argyll <not-affected> (issue with redhat-specific changes to the package) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=560050 @@ -3010,8 +3018,11 @@ RESERVED CVE-2010-0133 RESERVED -CVE-2010-0132 +CVE-2010-0132 [viewvc regular expression xss] RESERVED + - viewvc <undetermined> + NOTE: http://www.openwall.com/lists/oss-security/2010/03/30/2 + TODO: check CVE-2010-0131 RESERVED CVE-2010-0130