Author: joeyh Date: 2010-07-02 21:14:30 +0000 (Fri, 02 Jul 2010) New Revision: 14953 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-07-02 19:57:48 UTC (rev 14952) +++ data/CVE/list 2010-07-02 21:14:30 UTC (rev 14953) 
@@ -1,15 +1,93 @@ -CVE-2010-2598 [crasher: ojpeg] +CVE-2010-2618 (PHP remote file inclusion vulnerability in inc/smarty/libs/init.php in ...) + TODO: check +CVE-2010-2617 (Cross-site scripting (XSS) vulnerability in bible.php in PHP Bible ...) + TODO: check +CVE-2010-2616 (SQL injection vulnerability in bible.php in PHP Bible Search, probably ...) + TODO: check +CVE-2010-2615 (Multiple cross-site scripting (XSS) vulnerabilities in admin/admin.php ...) + TODO: check +CVE-2010-2614 (SQL injection vulnerability in admin/admin.php in Grafik CMS 1.1.2, ...) + TODO: check +CVE-2010-2613 (Cross-site scripting (XSS) vulnerability in the JExtensions JE Awd ...) + TODO: check +CVE-2010-2612 (Unspecified vulnerability in the HP OpenVMS Auditing feature in ...) + TODO: check +CVE-2010-2611 (SQL injection vulnerability in show_search_result.php in i-netsolution ...) + TODO: check +CVE-2010-2610 (Multiple SQL injection vulnerabilities in 2daybiz Job Site Script ...) + TODO: check +CVE-2010-2609 (SQL injection vulnerability in show_search_result.php in 2daybiz Job ...) + TODO: check +CVE-2010-2608 RESERVED - - tiff <unfixed> (unimportant) -CVE-2010-2597 [crasher: tiffvstrip] +CVE-2010-2607 RESERVED - - tiff <unfixed> (unimportant) -CVE-2010-2596 [crasher: ojpeg] +CVE-2010-2606 RESERVED - - tiff <unfixed> (unimportant) -CVE-2010-2595 [crasher: ojpeg] +CVE-2010-2605 RESERVED +CVE-2010-2604 + RESERVED +CVE-2010-2603 + RESERVED +CVE-2010-2602 + RESERVED +CVE-2010-2601 + RESERVED +CVE-2010-2600 + RESERVED +CVE-2010-2599 + RESERVED +CVE-2010-2594 (Multiple cross-site request forgery (CSRF) vulnerabilities in the web ...) 
+ TODO: check +CVE-2010-2593 + RESERVED +CVE-2010-2592 + RESERVED +CVE-2010-2591 + RESERVED +CVE-2010-2590 + RESERVED +CVE-2010-2589 + RESERVED +CVE-2010-2588 + RESERVED +CVE-2010-2587 + RESERVED +CVE-2010-2586 + RESERVED +CVE-2010-2585 + RESERVED +CVE-2010-2584 + RESERVED +CVE-2010-2583 + RESERVED +CVE-2010-2582 + RESERVED +CVE-2010-2581 + RESERVED +CVE-2010-2580 + RESERVED +CVE-2010-2579 + RESERVED +CVE-2010-2578 + RESERVED +CVE-2010-2577 + RESERVED +CVE-2010-2576 + RESERVED +CVE-2010-2575 + RESERVED +CVE-2010-2574 + RESERVED +CVE-2010-2598 (LibTIFF in Red Hat Enterprise Linux (RHEL) 3 on x86_64 platforms, as ...) - tiff <unfixed> (unimportant) +CVE-2010-2597 (The TIFFVStripSize function in tif_strip.c in LibTIFF 3.9.0 and 3.9.2 ...) + - tiff <unfixed> (unimportant) +CVE-2010-2596 (The OJPEGPostDecode function in tif_ojpeg.c in LibTIFF 3.9.0 and ...) + - tiff <unfixed> (unimportant) +CVE-2010-2595 (The TIFFYCbCrtoRGB function in LibTIFF 3.9.0 and 3.9.2, as used in ...) + - tiff <unfixed> (unimportant) CVE-2010-2573 RESERVED CVE-2010-2572 @@ -378,6 +456,7 @@ NOT-FOR-US: Cisco Adaptive Security Appliances CVE-2010-2479 [IE-specific XSS issue] RESERVED + {DSA-2067-1} - php-htmlpurifier 4.1.1+dfsg1-1 - mahara <unfixed> CVE-2010-2419 @@ -842,8 +921,8 @@ RESERVED CVE-2010-2234 RESERVED -CVE-2010-2233 - RESERVED +CVE-2010-2233 (tif_getimage.c in LibTIFF 3.9.0 and 3.9.2 on 64-bit platforms, as used ...) + TODO: check CVE-2010-2232 RESERVED CVE-2010-2231 (Cross-site request forgery (CSRF) vulnerability in ...) @@ -2278,6 +2357,7 @@ RESERVED CVE-2010-1670 RESERVED + {DSA-2067-1} - mahara 1.2.5-1 CVE-2010-1669 RESERVED @@ -2285,9 +2365,11 @@ [lenny] - mahara <not-affected> CVE-2010-1668 RESERVED + {DSA-2067-1} - mahara 1.2.5-1 CVE-2010-1667 RESERVED + {DSA-2067-1} - mahara 1.2.5-1 CVE-2010-1666 [python-cjson buffer overflow] RESERVED 
@@ -2677,8 +2759,8 @@ RESERVED CVE-2010-1523 RESERVED -CVE-2010-1522 - RESERVED +CVE-2010-1522 (Multiple SQL injection vulnerabilities in the BookLibrary Basic ...) + TODO: check CVE-2010-1521 (SQL injection vulnerability in include/classes/tzn_user.php in ...) NOT-FOR-US: TaskFreak! Original multi user CVE-2010-1520 (Cross-site scripting (XSS) vulnerability in logout.php in TaskFreak! ...) @@ -5752,11 +5834,11 @@ CVE-2010-0542 (The _WriteProlog function in texttops.c in texttops in the Text Filter ...) - cups 1.4.4-1 CVE-2010-0541 (Cross-site scripting (XSS) vulnerability in the WEBrick HTTP server in ...) - - ruby1.8 <unfixed> - [lenny] - ruby1.8 <no-dsa> (Minor issue) - - ruby1.9 <unfixed> - [lenny] - ruby1.9 <no-dsa> (Minor issue) - - ruby1.9.1 <unfixed> + - ruby1.8 <unfixed> + [lenny] - ruby1.8 <no-dsa> (Minor issue) + - ruby1.9 <unfixed> + [lenny] - ruby1.9 <no-dsa> (Minor issue) + - ruby1.9.1 <unfixed> NOTE: File bugs: https://bugzilla.redhat.com/show_bug.cgi?id=587731#c3 TODO: File bugs, no-dsa for Lenny CVE-2010-0540 (Cross-site request forgery (CSRF) vulnerability in the web interface ...)
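Review bot: In the @@ -1,15 +1,93 @@ hunk, CVE-2010-2598 now carries a description that begins "LibTIFF in Red Hat Enterprise Linux (RHEL) 3 on x86_64 platforms", yet the entry keeps "- tiff <unfixed> (unimportant)" from the old "[crasher: ojpeg]" placeholder. Confirm that the tiff line still applies under the new description and record the reasoning in a NOTE line. The bracketed hints (ojpeg, tiffvstrip) are dropped in the same hunk, so a NOTE is also the place to keep which crasher each ID referred to.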
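Review bot: In the @@ -378,6 +456,7 @@ hunk, "{DSA-2067-1}" is added to CVE-2010-2479 while the entry still reads "- mahara <unfixed>". The other three entries tagged with the same DSA in this commit (CVE-2010-1670, CVE-2010-1668, CVE-2010-1667) list "- mahara 1.2.5-1". Check whether 1.2.5-1 also covers CVE-2010-2479 and update the mahara line, or add a NOTE explaining why it stays unfixed.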
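Review bot: In the @@ -842,8 +921,8 @@ hunk, CVE-2010-2233 is left at "TODO: check" although its description names LibTIFF 3.9.0 and 3.9.2, the same versions named for CVE-2010-2595 and CVE-2010-2597, which the first hunk tracks with "- tiff <unfixed> (unimportant)". Triage it together with those entries and replace the TODO with a tiff package line, so the LibTIFF IDs from this update are not split between tracked and untriaged.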
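Review bot: In the @@ -5752,11 +5834,11 @@ hunk, the five ruby package lines under CVE-2010-0541 are removed and re-added with the same visible text, so the change looks like whitespace only. If this is intentional indentation normalisation, commit it separately from the CVE import so the "automatic update" stays easy to review. In the same entry, "TODO: File bugs, no-dsa for Lenny" remains although the [lenny] no-dsa lines are already present, so the TODO could be trimmed to the part that is still open.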