Secure testing commits - Jul 2010 - r14951 - in data: . CVE

Author: jmm-guest
Date: 2010-07-02 17:51:39 +0000 (Fri, 02 Jul 2010)
New Revision: 14951

Modified:
   data/CVE/list
   data/spu-candidates.txt
Log:
- NFUs
- redmine not in Lenny
- rewrite old kdebase entry
- rewrite old rails entry
- fastjar fixed
- remove policykit TODO, has been removed
- webkit issue is in Ruby
- old OO exploit never appeared, mark as NFU. If there ever is
  one, we''ll learn about it anyway
- remove a few obsolete TODOs


Modified: data/CVE/list
==================================================================---
data/CVE/list	2010-07-02 16:53:39 UTC (rev 14950)
+++ data/CVE/list	2010-07-02 17:51:39 UTC (rev 14951)
@@ -126,9 +126,9 @@
 CVE-2010-2519
 	RESERVED
 CVE-2010-2518 (Unspecified vulnerability in the P8 Content Engine (P8CE) 4.5.1
before ...)
-	TODO: check
+	NOT-FOR-US: P8 Content Search Engine
 CVE-2010-2517 (Multiple unspecified vulnerabilities in IBM Rational ClearQuest
before ...)
-	TODO: check
+	NOT-FOR-US: ClearQuest
 CVE-2010-XXXX [murmur DoS via malformed client query]
 	- qt4-x11 <undetermined> (low; bug #587713)
 	- sqlite3 <undetermined>
@@ -904,7 +904,7 @@
 CVE-2010-2205 (Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3
on ...)
 	NOT-FOR-US: Adobe Reader
 CVE-2010-2204 (Unspecified vulnerability in Adobe Reader and Acrobat 9.x before
...)
-	TODO: check
+	NOT-FOR-US: Adobe Reader
 CVE-2010-2203 (Adobe Reader and Acrobat 9.x before 9.3.3 on UNIX allow
attackers to ...)
 	NOT-FOR-US: Adobe Reader
 CVE-2010-2202 (Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3
on ...)
@@ -2679,9 +2679,9 @@
 CVE-2010-1522
 	RESERVED
 CVE-2010-1521 (SQL injection vulnerability in include/classes/tzn_user.php in
...)
-	TODO: check
+	NOT-FOR-US: TaskFreak! Original multi user
 CVE-2010-1520 (Cross-site scripting (XSS) vulnerability in logout.php in
TaskFreak! ...)
-	TODO: check
+	NOT-FOR-US: TaskFreak! Original multi user
 CVE-2010-1519
 	RESERVED
 CVE-2010-1518
@@ -4246,10 +4246,8 @@
 	- iceape <not-affected> (Vulnerable code not present)
 CVE-2010-XXXX [Escape href attribute in auto links]
 	- redmine 0.9.3-3
-	TODO: Check severity, Lenny status
 CVE-2010-XXXX [Fixes permission check in QueriesController]
 	- redmine 0.9.3-3
-	TODO: Check severity, Lenny status
 CVE-2010-1003 (Directory traversal vulnerability in ...)
 	NOT-FOR-US: eFront-learning
 CVE-2010-1002
@@ -4609,10 +4607,9 @@
 CVE-2010-0924 (cfnetwork.dll 1.450.5.0 in CFNetwork, as used by safari.exe
531.21.10 ...)
 	NOT-FOR-US: Apple Safari
 CVE-2010-0923 (Race condition in workspace/krunner/lock/lockdlg.cc in the
KRunner ...)
-	- kdebase <not-affected> (vulnerability introduced in version 4.4.0)
-	- kdebase-workspace <not-affected> (vulnerability introduced in version
4.4.0)
-	NOTE: http://www.openwall.com/lists/oss-security/2010/02/12/2
-	TODO: recheck when >= 4.4.0 is uploaded; claimed fixed in 4.4.1
+	- kdebase 4:4.4.2-1
+	[lenny] - kdebase <not-affected> (Only affected version 4.4.0)
+	- kdebase-workspace 4:4.4.2-1
 CVE-2010-0922 (Unspecified vulnerability in secldapclntd in IBM AIX 5.3 with SP
...)
 	NOT-FOR-US: IBM AIX
 CVE-2010-0921 (Cross-site request forgery (CSRF) vulnerability in IBM Lotus
iNotes ...)
@@ -4828,9 +4825,8 @@
 CVE-2010-0832
 	RESERVED
 CVE-2010-0831 (Directory traversal vulnerability in the extract_jar function in
...)
-	- fastjar <unfixed> (low)
+	- fastjar 2:0.98-3 (low)
 	[lenny] - fastjar <no-dsa> (Minor issue)
-	TODO: File bug
 CVE-2010-0830 (Integer signedness error in the elf_get_dynamic_info function in
...)
 	{DSA-2058-1}
 	- glibc <removed>
@@ -5086,7 +5082,6 @@
 CVE-2010-0750 (pkexec.c in pkexec in libpolkit in PolicyKit 0.96 allows local
users ...)
 	- policykit <not-affected> (pkexec introduced in 0.92)
 	[lenny] - policykit <not-affected> (pkexec introduced in 0.92)
-	TODO: check when >= 0.92 gets uploaded
 CVE-2010-0749
 	RESERVED
 	- transmission 1.92-1 (unimportant; bug filed)
@@ -5168,8 +5163,8 @@
 	{DSA-2014-1}
 	- moin 1.9.0~rc2-1
 CVE-2009-4652 (The (1) Conn_GetCipherInfo and (2) Conn_UsesSSL functions in
...)
-	- ngircd <not-affected> (SSL/TLS support not yet present)
-	TODO: Recheck when 0.15 gets uploaded
+	- ngircd 15-0.1
+	[lenny] - ngircd <not-affected> (SSL/TLS support not yet present)
 CVE-2003-1590 (Unspecified vulnerability in Sun ONE (aka iPlanet) Web Server
6.0 SP3 ...)
 	NOT-FOR-US: Sun ONE Web Server
 CVE-2003-1589 (Unspecified vulnerability in Sun ONE (aka iPlanet) Web Server
4.1 ...)
@@ -5756,8 +5751,13 @@
 CVE-2010-0542 (The _WriteProlog function in texttops.c in texttops in the Text
Filter ...)
 	- cups 1.4.4-1
 CVE-2010-0541 (Cross-site scripting (XSS) vulnerability in the WEBrick HTTP
server in ...)
-	- libwebapp-ruby <undetermined>
-	TODO: check
+ 	- ruby1.8 <unfixed>
+ 	[lenny] - ruby1.8 <no-dsa> (Minor issue)
+ 	- ruby1.9 <unfixed>
+ 	[lenny] - ruby1.9 <no-dsa> (Minor issue)
+ 	- ruby1.9.1 <unfixed>
+	NOTE: File bugs: https://bugzilla.redhat.com/show_bug.cgi?id=587731#c3
+	TODO: File bugs, no-dsa for Lenny
 CVE-2010-0540 (Cross-site request forgery (CSRF) vulnerability in the web
interface ...)
 	- cups 1.4.4-1
 CVE-2010-0539 (Integer signedness error in the window drawing implementation in
Apple ...)
@@ -8072,7 +8072,6 @@
 	- gnome-screensaver 2.28.0-2 (low; bug #560895)
 	[etch] - gnome-screensaver <not-affected> (vulnerable code introduced in
2.28)
 	[lenny] - gnome-screensaver <not-affected> (vulnerable code introduced
in 2.28)
-	TODO: request CVE id
 	NOTE: the code in etch''s version is more different but it seems to be
affected
 	NOTE:
http://git.gnome.org/browse/gnome-screensaver/commit/?id=284c9924969a49dbf2d5fae1d680d3310c4df4a3
 CVE-2009-XXXX [gif2png multiple buffer overflows parsing CLI arguments]
@@ -10102,14 +10101,11 @@
 	- aria2 1.2.0-1 (low; bug #551070)
 	[etch] - aria2 <not-affected> (Vulnerable code not present)
 CVE-2009-3571 (Unspecified vulnerability in OpenOffice.org (OOo) has unknown
impact ...)
-	TODO: check once details are available: - openoffice.org <unfixed>
(medium; bug #551068)
-	NOTE: details are unknown
+	NOT-FOR-US: Unidentified exploit for OpenOffice, hasn''t materialised
in any form
 CVE-2009-3570 (Unspecified vulnerability in OpenOffice.org (OOo) has
unspecified ...)
-	TODO: check once details are available:- openoffice.org <unfixed>
(medium; bug #551068)
-	NOTE: details are unknown
+	NOT-FOR-US: Unidentified exploit for OpenOffice, hasn''t materialised
in any form
 CVE-2009-3569 (Stack-based buffer overflow in OpenOffice.org (OOo) allows
remote ...)
-	TODO: check once details are available:- openoffice.org <unfixed>
(medium; bug #551068)
-	NOTE: details are unknown
+	NOT-FOR-US: Unidentified exploit for OpenOffice, hasn''t materialised
in any form
 CVE-2009-3568 (Comment RSS 5.x before 5.x-2.2 and 6.x before 6.x-2.2, a module
for ...)
 	NOT-FOR-US: module for Drupal
 CVE-2009-3692 (Unspecified vulnerability in the VBoxNetAdpCtl configuration
tool in ...)
@@ -10653,10 +10649,8 @@
 	[lenny] - xulrunner <not-affected> (Video playback capabilities were
added in 3.5)
 CVE-2009-3387 (Bugzilla 3.3.1 through 3.4.4, 3.5.1, and 3.5.2 does not allow
group ...)
 	- bugzilla <not-affected> (Only Bugzilla >= 3.3 is affected)
-	TODO: Check when a current Bugzilla is uploaded
 CVE-2009-3386 (Template.pm in Bugzilla 3.3.2 through 3.4.3 and 3.5 through
3.5.1 ...)
 	- bugzilla <not-affected> (Only 3.3 onwards are affected)
-	TODO: recheck, once a more recent (3.3.x or 3.4.x) version has been uploaded
 CVE-2009-3385 (The mail component in Mozilla SeaMonkey before 1.1.19 does not
...)
 	{DSA-1922-1}
 	- xulrunner 1.9.0.15-1
@@ -11242,7 +11236,6 @@
 	NOT-FOR-US: RunCMS
 CVE-2009-3166 (token.cgi in Bugzilla 3.4rc1 through 3.4.1 places a password in
a URL ...)
 	- bugzilla <not-affected> (only 3.4.x is affected)
-	TODO: check when 3.4.x will be uploaded in unstable
 CVE-2009-3165 (SQL injection vulnerability in the Bug.create WebService
function in ...)
 	{DSA-1913-1}
 	- bugzilla 3.2.5.0-1 (low; bug #547132)
@@ -11505,7 +11498,6 @@
 	NOT-FOR-US: ArticleFriend Script
 CVE-2009-3125 (SQL injection vulnerability in the Bug.search WebService
function in ...)
 	- bugzilla <not-affected> (Only 3.3.x and 3.4.x are affected)
-	TODO: check when 3.3.x or 3.4.x will be uploaded in unstable
 CVE-2009-3124 (Directory traversal vulnerability in get_message.cgi in
QuarkMail ...)
 	NOT-FOR-US: QuarkMail
 CVE-2009-3123 (Directory traversal vulnerability in gallery/gallery.php in
Wap-Motor ...)
@@ -12476,12 +12468,9 @@
 CVE-2009-2902 (Directory traversal vulnerability in Apache Tomcat 5.5.0 through
...)
 	- tomcat6 6.0.24-1 (low)
 	- tomcat5 <removed>
-	NOTE: tomcat 5.0 (in etch) is unsupported by upstream and may also be affected
 CVE-2009-2901 (The autodeployment process in Apache Tomcat 5.5.0 through 5.5.28
and ...)
 	- tomcat6 6.0.24-1 (low)
-	- tomcat5 <removed>
-	TODO: check
-	NOTE: tomcat 5.0 (in etch) is unsupported by upstream and may also be affected
+	- tomcat5 <not-affected> (Windows-only)
 CVE-2009-2900
 	RESERVED
 CVE-2009-2899
@@ -13174,7 +13163,6 @@
 	- libxerces2-java <unfixed> (low; bug #540862)
 	[etch] - libxerces2-java <no-dsa> (minor issue)
 	[lenny] - libxerces2-java <no-dsa> (minor issue)
-	TODO: request cve id
 CVE-2009-XXXX [gri: insecure temp file generation]
 	- gri 2.12.18-1 (low)
 	[etch] - gri <no-dsa> (Minor issue)
@@ -13218,7 +13206,6 @@
 	[etch] - bugzilla <no-dsa> (minor issue)
 	[lenny] - bugzilla <no-dsa> (minor issue)
 	NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=495257
-	TODO: request CVE id
 CVE-2009-XXXX [groff: insecure usage of gs]
 	- groff 1.20.1-5 (low; bug #538338)
 	[etch] - groff <not-affected> (pdfroff not yet present)
@@ -13234,7 +13221,6 @@
 	NOTE: Standard behaviour of crypt, enhancement bug for stronger method
 CVE-2009-XXXX [xscreensaver: local screen lock bypassable via low resolution
video devices]
 	- xscreensaver 5.05-3+nmu1 (low; bug #539699)
-	TODO: request CVE id
 	[etch] - xscreensaver <not-affected> (vulnerable code not present)
 	[lenny] - xscreensaver 5.05-3+lenny1
 CVE-2009-2626 (The zend_restore_ini_entry_cb function in zend_ini.c in PHP
5.3.0, ...)
@@ -13316,8 +13302,6 @@
 CVE-2009-2693 (Directory traversal vulnerability in Apache Tomcat 5.5.0 through
...)
 	- tomcat6 6.0.24-1 (low)
 	- tomcat5 <removed>
-	TODO: check
-	NOTE: tomcat 5.0 (in etch) is unsupported by upstream and may also be affected
 CVE-2009-2692 (The Linux kernel 2.6.0 through 2.6.30.4, and 2.4.4 through
2.4.37.4, ...)
 	{DSA-1864-1 DSA-1865-1 DSA-1862-1}
 	- linux-2.6 2.6.30-6 (high; bug #541403)
@@ -14169,10 +14153,8 @@
 CVE-2009-2423 (SQL injection vulnerability in category.php in Ebay Clone 2009
allows ...)
 	NOT-FOR-US: Ebay Clone 2009
 CVE-2009-2422 (The example code for the digest authentication functionality
...)
-	- rails <not-affected> (high; bug #535896)
-	TODO: check after 2.3.x upload
-	NOTE: vulnerable code not present, introduced in 2.3.x
-	NOTE: to be fixed in upstream version 2.3.3
+	- rails 2.3.5-1 (bug #535896)
+	[lenny] - rails <not-affected> (vulnerable code not present, introduced
in 2.3.x)
 CVE-2009-2446 (Multiple format string vulnerabilities in the dispatch_command
...)
 	{DSA-1877-1}
 	- mysql-dfsg-5.0 <removed> (low; bug #536726) 

Modified: data/spu-candidates.txt
==================================================================---
data/spu-candidates.txt	2010-07-02 16:53:39 UTC (rev 14950)
+++ data/spu-candidates.txt	2010-07-02 17:51:39 UTC (rev 14951)
@@ -332,6 +332,14 @@
 
 --
 
+ruby1.8 (CVE-2010-0541)
+
+--
+
+ruby1.9 (CVE-2010-0541)
+
+--
+
 squid (CVE-2009-0801)
 #521053
 notified maintainer