Secure testing commits - Jul 2010 - r14986 - data/CVE

Author: jmm-guest
Date: 2010-07-13 14:53:35 +0000 (Tue, 13 Jul 2010)
New Revision: 14986

Modified:
   data/CVE/list
Log:
- new freetype issues
- new chrome/webkit issues
- new iscsitarget issue
- NFUS
- remove freeimage TODOs, it''ll need to be fixed, removed or
  excluded from security support. It embeds lots of image
  libs and is only used by the Ogre 3D engine
- new minor cjson issue


Modified: data/CVE/list
==================================================================---
data/CVE/list	2010-07-13 09:14:33 UTC (rev 14985)
+++ data/CVE/list	2010-07-13 14:53:35 UTC (rev 14986)
@@ -51,25 +51,25 @@
 CVE-2010-2667
 	RESERVED
 CVE-2010-2666 (Opera before 10.54 on Windows and Mac OS X does not properly
enforce ...)
-	TODO: check
+	NOT-FOR-US: Opera
 CVE-2010-2665 (Cross-site scripting (XSS) vulnerability in Opera before 10.54
on ...)
-	TODO: check
+	NOT-FOR-US: Opera
 CVE-2010-2664 (Opera before 10.60 allows remote attackers to cause a denial of
...)
-	TODO: check
+	NOT-FOR-US: Opera
 CVE-2010-2663 (Opera before 10.60 allows remote attackers to cause a denial of
...)
-	TODO: check
+	NOT-FOR-US: Opera
 CVE-2010-2662 (Opera before 10.60 allows remote attackers to bypass the popup
blocker ...)
-	TODO: check
+	NOT-FOR-US: Opera
 CVE-2010-2661 (Opera before 10.54 on Windows and Mac OS X, and before 10.60 on
UNIX ...)
-	TODO: check
+	NOT-FOR-US: Opera
 CVE-2010-2660 (Opera before 10.54 on Windows and Mac OS X, and before 10.60 on
UNIX ...)
-	TODO: check
+	NOT-FOR-US: Opera
 CVE-2010-2659 (Opera before 10.50 on Windows, before 10.52 on Mac OS X, and
before ...)
-	TODO: check
+	NOT-FOR-US: Opera
 CVE-2010-2658 (Opera before 10.60 does not properly restrict certain
interaction ...)
-	TODO: check
+	NOT-FOR-US: Opera
 CVE-2010-2657 (Opera before 10.60 on Windows and Mac OS X does not properly
prevent ...)
-	TODO: check
+	NOT-FOR-US: Opera
 CVE-2010-2656 (The IBM BladeCenter with Advanced Management Module (AMM)
firmware ...)
 	TODO: check
 CVE-2010-2655 (Directory traversal vulnerability in private/file_management.php
on ...)
@@ -101,21 +101,29 @@
 CVE-2009-4925 (Multiple SQL injection vulnerabilities in Portale e-commerce
Creasito ...)
 	TODO: check
 CVE-2010-2652 (Google Chrome before 5.0.375.99 does not properly implement
modal ...)
-	TODO: check
+	- webkit <undetermined>
+	- chromium-browser <undetermined>
 CVE-2010-2651 (The Cascading Style Sheets (CSS) implementation in Google Chrome
...)
-	TODO: check
+	- webkit <undetermined>
+	- chromium-browser <undetermined>
 CVE-2010-2650 (Unspecified vulnerability in Google Chrome before 5.0.375.99 has
...)
-	TODO: check
+	- webkit <undetermined>
+	- chromium-browser <undetermined>
 CVE-2010-2649 (Unspecified vulnerability in Google Chrome before 5.0.375.99
allows ...)
-	TODO: check
+	- webkit <undetermined>
+	- chromium-browser <undetermined>
 CVE-2010-2648 (The implementation of the Unicode Bidirectional Algorithm (aka
Bidi ...)
-	TODO: check
+	- webkit <undetermined>
+	- chromium-browser <undetermined>
 CVE-2010-2647 (Google Chrome before 5.0.375.99 allows remote attackers to cause
a ...)
-	TODO: check
+	- webkit <undetermined>
+	- chromium-browser <undetermined>
 CVE-2010-2646 (Google Chrome before 5.0.375.99 does not properly isolate
sandboxed ...)
-	TODO: check
+	- webkit <undetermined>
+	- chromium-browser <undetermined>
 CVE-2010-2645 (Unspecified vulnerability in Google Chrome before 5.0.375.99,
when ...)
-	TODO: check
+	- webkit <undetermined>
+	- chromium-browser <undetermined>
 CVE-2010-2644
 	RESERVED
 CVE-2010-2643
@@ -147,7 +155,7 @@
 CVE-2010-2630 (The TIFFReadDirectory function in LibTIFF 3.9.0 does not
properly ...)
 	- tiff <unfixed> (unimportant)
 CVE-2010-2629 (The Cisco Content Services Switch (CSS) 11500 with software
8.20.4.02 ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2010-2628
 	RESERVED
 CVE-2010-2627 (Multiple directory traversal vulnerabilities in the Refractor 2
...)
@@ -167,11 +175,12 @@
 CVE-2010-2620 (Open&amp;Compact FTP Server (Open-FTPD) 1.2 and earlier
allows remote ...)
 	TODO: check
 CVE-2010-2619 (Citrix XenServer 5.0 Update 2 and earlier, and 5.5 Update 1 and
...)
-	TODO: check
+	NOT-FOR-US: Citrix XenServer (it''s based on Xen, likely a duplicate
of an existing Xen issue)
 CVE-2009-4924 (Dan Pascu python-cjson 1.0.5 does not properly handle a
[''/''] argument ...)
-	TODO: check
+	- python-cjson <unfixed> (low)
+	[lenny] - python-cjson <no-dsa> (Minor issue)
 CVE-2004-2769 (Cerberus FTP Server before 4.0.3.0 allows remote authenticated
users ...)
-	TODO: check
+	NOT-FOR-US: Cerberus FTP Server
 CVE-2010-2494 (Multiple buffer underflows in the base64 decoder in base64.c in
(1) ...)
 	- bogofilter 1.2.1-3 (low; bug #588090)
 	[lenny] - bogofilter <no-dsa> (Minor issue)
@@ -319,7 +328,7 @@
 CVE-2010-2550
 	RESERVED
 CVE-2010-2549 (Use-after-free vulnerability in Microsoft Windows Vista and
Server ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2010-2548
 	RESERVED
 CVE-2010-2547
@@ -376,8 +385,9 @@
 	RESERVED
 CVE-2010-2521
 	RESERVED
-CVE-2010-2520
+CVE-2010-2520 [freetype]
 	RESERVED
+	- freetype <unfixed>
 CVE-2010-2519
 	RESERVED
 CVE-2010-2518 (Unspecified vulnerability in the P8 Content Engine (P8CE) 4.5.1
before ...)
@@ -449,14 +459,18 @@
 	NOT-FOR-US: Splunk
 CVE-2010-2501
 	RESERVED
-CVE-2010-2500
+CVE-2010-2500 [freetype]
 	RESERVED
-CVE-2010-2499
+	- freetype <unfixed>
+CVE-2010-2499 [freetype]
 	RESERVED
-CVE-2010-2498
+	- freetype <unfixed>
+CVE-2010-2498 [freetype]
 	RESERVED
-CVE-2010-2497
+	- freetype <unfixed>
+CVE-2010-2497 [freetype]
 	RESERVED
+	- freetype <unfixed>
 CVE-2010-2496
 	RESERVED
 CVE-2010-2493
@@ -1074,7 +1088,6 @@
 	NOTE: http://www.ocert.org/advisories/ocert-2010-001.html
 CVE-2010-2249 (Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x
before ...)
 	- libpng 1.2.44-1 (low; bug #587670)
-	- freeimage <undetermined> (unimportant)
 	- tuxonice-userui <unfixed> (unimportant)
 	TODO: binNMU tuxonice-userui once libpng is fixed
 CVE-2010-2248 [os/2 smb issue]
@@ -1145,7 +1158,7 @@
 CVE-2010-2222
 	RESERVED
 CVE-2010-2221 (Multiple buffer overflows in the iSNS implementation in isns.c
in (1) ...)
-	TODO: check
+	- iscsitarget <undetermined>
 CVE-2010-2220
 	RESERVED
 CVE-2010-2219
@@ -2793,11 +2806,11 @@
 CVE-2010-1577
 	RESERVED
 CVE-2010-1576 (The Cisco Content Services Switch (CSS) 11500 with software
before ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2010-1575 (The Cisco Content Services Switch (CSS) 11500 with software
08.20.1.01 ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2010-1574 (IOS 12.2(52)SE and 12.2(52)SE1 on Cisco Industrial Ethernet (IE)
3000 ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2010-1573 (Linksys WAP54Gv3 firmware 3.04.03 and earlier uses a hard-coded
...)
 	NOT-FOR-US: Linksys firmware
 CVE-2010-1572 (Unspecified vulnerability in the tech support diagnostic shell
in ...)
@@ -3643,9 +3656,9 @@
 CVE-2010-1329 (Imperva SecureSphere Web Application Firewall and Database
Firewall ...)
 	NOT-FOR-US: Imperva SecureSphere Web Application Firewall and Database
Firewall
 CVE-2010-1328 (Multiple cross-site scripting (XSS) vulnerabilities in
TornadoStore ...)
-	TODO: check
+	NOT-FOR-US: TornadoStore
 CVE-2010-1327 (Multiple SQL injection vulnerabilities in TornadoStore 1.4.3 and
...)
-	TODO: check
+	NOT-FOR-US: TornadoStore
 CVE-2010-1326
 	RESERVED
 CVE-2010-1325
@@ -3987,7 +4000,6 @@
 	NOTE: Scheduled for next round of Firefox updates (20th July)
 CVE-2010-1205 (Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x
before ...)
 	- libpng 1.2.44-1 (bug #587670)
-	- freeimage <undetermined> 
 	- tuxonice-userui <unfixed> 
 	TODO: binNMU tuxonice-userui once libpng is fixed
 CVE-2010-1204 (Search.pm in Bugzilla 2.17.1 through 3.2.6, 3.3.1 through 3.4.6,
3.5.1 ...)
@@ -14619,7 +14631,6 @@
 CVE-2009-2347 (Multiple integer overflows in inter-color spaces conversion
tools in ...)
 	{DSA-1835-1}
 	- tiff 3.8.2-13
-	TODO: check freeimage
 CVE-2009-2346 (The IAX2 protocol implementation in Asterisk Open Source 1.2.x
before ...)
 	- asterisk 1:1.6.2.0~dfsg~beta3-1 (bug #539473)
 	[etch] - asterisk <end-of-life> (Etch Packages no longer covered by
security support)
@@ -14807,7 +14818,6 @@
 CVE-2009-2285 (Buffer underflow in the LZWDecodeCompat function in libtiff
3.8.2 ...)
 	{DSA-1835-1}
 	- tiff 3.8.2-12 (low; bug #534137)
-	TODO: check freeimage
 	NOTE: this doesn''t allow code execution, only a crash.
 CVE-2009-2283 (Multiple cross-site scripting (XSS) vulnerabilities in the help
jsp ...)
 	NOT-FOR-US: Sun Java Web Console in Solaris 
@@ -15473,7 +15483,7 @@
 	- libpng 1.2.37-1 (low; bug #533676)
 	[etch] - libpng <no-dsa> (Minor issue, only exploitable in rare setups)
 	- xulrunner <not-affected> (xulrunner dynamically linked against libpng;
embeded code copy not used)
-	TODO: check freeimage, tuxonice-userui
+	TODO: check tuxonice-userui
 CVE-2009-2041 (Cross-site scripting (XSS) vulnerability in A51 D.O.O.
activeCollab ...)
 	NOT-FOR-US: activeCollab
 CVE-2009-2040 (admin/options.php in Grestul 1.2 does not properly restrict
access, ...)
@@ -16309,15 +16319,12 @@
 CVE-2009-1722 (Heap-based buffer overflow in the compression implementation in
...)
 	{DSA-1842-1}
 	- openexr 1.6.1-1 (medium; bug #540424)
-	TODO: check freeimage
 CVE-2009-1721 (The decompression implementation in the Imf::hufUncompress
function in ...)
 	{DSA-1842-1}
 	- openexr 1.6.1-4.1 (medium; bug #540424)
-	TODO: check freeimage
 CVE-2009-1720 (Multiple integer overflows in OpenEXR 1.2.2 and 1.6.1 allow ...)
 	{DSA-1842-1}
 	- openexr 1.6.1-4.1 (medium; bug #540424)
-	TODO: check freeimage
 CVE-2009-1719 (The Aqua Look and Feel for Java implementation in Java 1.5 on
Mac OS X ...)
 	NOT-FOR-US: Aqua Look and Feel for Java implementation in Java 1.5 on Mac OS X
 CVE-2009-1718 (WebKit in Apple Safari before 4.0 allows user-assisted remote
...)
@@ -20588,7 +20595,7 @@
 CVE-2008-6218 (Memory leak in the png_handle_tEXt function in pngrutil.c in
libpng ...)
 	{DSA-1750-1}
 	- libpng 1.2.33-1
-	TODO: check freeimage, tuxonice-userui
+	TODO: check tuxonice-userui
 CVE-2008-6217 (Cross-site scripting (XSS) vulnerability in index.php in Extrakt
...)
 	NOT-FOR-US: Extrakt Framework
 CVE-2008-6216 (SQL injection vulnerability in cadena_ofertas_ext.php in
Venalsur ...)
@@ -22611,7 +22618,7 @@
 CVE-2008-5907 (The png_check_keyword function in pngwutil.c in libpng before
1.0.42, ...)
 	{DSA-1750-1}
 	- libpng 1.2.35-1 (bug #512665)
-	TODO: check freeimage, tuxonice-userui
+	TODO: check tuxonice-userui
 	NOTE: Only an issues when using libpng to create out-of-spec images
 CVE-2008-5906 (Eval injection vulnerability in the web interface plugin in
KTorrent ...)
 	- ktorrent2.2 2.2.8.dfsg.1-1 (bug #504178)
@@ -23504,7 +23511,7 @@
 	- icedove 2.0.0.22-1 (bug #535124)
 	[squeeze] - icedove 2.0.0.22-0lenny1
 	- libpng 1.2.35-1 (bug #516256)
-	TODO: check freeimage, tuxonice-userui
+	TODO: check tuxonice-userui
 CVE-2009-0039 (Multiple cross-site request forgery (CSRF) vulnerabilities in
the web ...)
 	- geronimo <itp> (bug #481869)
 CVE-2009-0038 (Multiple cross-site scripting (XSS) vulnerabilities in the web
...)
@@ -31657,7 +31664,6 @@
 CVE-2008-2327 (Multiple buffer underflows in the (1) LZWDecode, (2)
LZWDecodeCompat, ...)
 	{DSA-1632-1 DTSA-160-1}
 	- tiff 3.8.2-11 (medium)
-	TODO: check freeimage
 CVE-2008-2326 (mDNSResponder in the Bonjour Namespace Provider in Apple Bonjour
for ...)
 	NOT-FOR-US: Apple Bonjour for Windows
 CVE-2008-2325 (QuickLook in Apple Mac OS X 10.4.11 and 10.5.4 allows remote
attackers ...)