Secure testing commits - Apr 2010 - r14456 - data/CVE

Author: pedrib-guest
Date: 2010-04-11 21:20:44 +0000 (Sun, 11 Apr 2010)
New Revision: 14456

Modified:
   data/CVE/list
Log:
several NMUs, local DoS in clamav


Modified: data/CVE/list
==================================================================---
data/CVE/list	2010-04-11 21:14:22 UTC (rev 14455)
+++ data/CVE/list	2010-04-11 21:20:44 UTC (rev 14456)
@@ -33,29 +33,31 @@
 CVE-2010-1316
 	RESERVED
 CVE-2010-1315 (Directory traversal vulnerability in weberpcustomer.php in the
...)
-	TODO: check
+	NOT-FOR-US: Joomla!
 CVE-2010-1314 (Directory traversal vulnerability in the Highslide JS
(com_hsconfig) ...)
-	TODO: check
+	NOT-FOR-US: Joomla!
 CVE-2010-1313 (Directory traversal vulnerability in the Seber Cart
(com_sebercart) ...)
-	TODO: check
+	NOT-FOR-US: Joomla!
 CVE-2010-1312 (Directory traversal vulnerability in the iJoomla News Portal
...)
-	TODO: check
+	NOT-FOR-US: Joomla!
 CVE-2010-1311 (The qtm_decompress function in libclamav/mspack.c in ClamAV
before ...)
-	TODO: check
+	- clamav <unfixed> (bug #577462; low)
+	NOTE: there is ongoing discussion about removing from Squeeze
+	NOTE: but the Lenny version is also affected
 CVE-2010-1310 (Opera 10.50 allows remote attackers to obtain sensitive
information ...)
-	TODO: check
+	NOT-FOR-US: Opera
 CVE-2010-1309 (Directory traversal vulnerability in Irmin CMS (formerly Pepsi
CMS) ...)
-	TODO: check
+	NOT-FOR-US: Pepsi CMS
 CVE-2010-1308 (Directory traversal vulnerability in the SVMap (com_svmap)
component ...)
-	TODO: check
+	NOT-FOR-US: Joomla!
 CVE-2010-1307 (Directory traversal vulnerability in the Magic Updater ...)
-	TODO: check
+	NOT-FOR-US: Joomla!
 CVE-2010-1306 (Directory traversal vulnerability in the Picasa
(com_joomlapicasa2) ...)
-	TODO: check
+	NOT-FOR-US: Joomla!
 CVE-2010-1305 (Directory traversal vulnerability in jinventory.php in the
JInventory ...)
-	TODO: check
+	NOT-FOR-US: Joomla!
 CVE-2010-1304 (Directory traversal vulnerability in userstatus.php in the User
Status ...)
-	TODO: check
+   NOT-FOR-US: Joomla!
 CVE-2010-1303 (Multiple cross-site scripting (XSS) vulnerabilities in the
Taxonomy ...)
 	TODO: check
 CVE-2010-XXXX [abcm2ps]