Author: joeyh Date: 2010-08-25 21:14:46 +0000 (Wed, 25 Aug 2010) New Revision: 15212 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-08-25 20:08:59 UTC (rev 15211) +++ data/CVE/list 2010-08-25 21:14:46 UTC (rev 15212) @@ -1,8 +1,32 @@ +CVE-2010-3120 (Google Chrome before 5.0.375.127 does not properly implement the ...) + TODO: check +CVE-2010-3119 (Google Chrome before 5.0.375.127 does not properly support the Ruby ...) + TODO: check +CVE-2010-3118 (The autosuggest feature in the Omnibox implementation in Google Chrome ...) + TODO: check +CVE-2010-3117 (Google Chrome before 5.0.375.127 does not properly implement the ...) + TODO: check +CVE-2010-3116 (Google Chrome before 5.0.375.127 does not properly process MIME types, ...) + TODO: check +CVE-2010-3115 (Google Chrome before 5.0.375.127 does not properly implement the ...) + TODO: check +CVE-2010-3114 (The text-editing implementation in Google Chrome before 5.0.375.127 ...) + TODO: check +CVE-2010-3113 (Google Chrome before 5.0.375.127 does not properly handle SVG ...) + TODO: check +CVE-2010-3112 (Google Chrome before 5.0.375.127 does not properly implement file ...) + TODO: check +CVE-2010-3111 (Google Chrome before 5.0.375.127 does not properly mitigate an ...) + TODO: check +CVE-2010-3110 + RESERVED CVE-2010-XXXX [CouchDB insecure library loading] - couchdb <unfixed> (low; bug #594412) CVE-2010-2948 [quagga: buffer overflow in route refresh processing] + RESERVED - quagga <unfixed> (bug #594262) CVE-2010-2949 [quagga: crash while processing AS paths in BGP updates] + RESERVED - quagga <unfixed> (bug #594262) CVE-2010-3109 (Stack-based buffer overflow in the browser plugin in Novell iPrint ...) NOT-FOR-US: browser plugin in Novell iPrint Client 
@@ -120,12 +144,10 @@ - freetype 2.4.2-1 (unimportant) CVE-2010-3053 (bdf/bdflib.c in FreeType before 2.4.2 allows remote attackers to cause ...) - freetype 2.4.2-1 -CVE-2010-3056 [phpmyadmin PMASA-2010-5 Several XSS vulnerabilities were found in the code.] - RESERVED +CVE-2010-3056 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin ...) - phpmyadmin 4:3.3.5.1-1 NOTE: http://www.phpmyadmin.net/home_page/security/PMASA-2010-5.php -CVE-2010-3055 [phpmyadmin PMASA-2010-4 Insufficient output sanitizing when generating configuration file.] - RESERVED +CVE-2010-3055 (The configuration setup script (aka scripts/setup.php) in phpMyAdmin ...) - phpmyadmin <not-affected> (Affects only 2.x branch) [lenny] - phpmyadmin <unfixed> NOTE: http://www.phpmyadmin.net/home_page/security/PMASA-2010-4.php @@ -348,8 +370,7 @@ RESERVED CVE-2010-2950 RESERVED -CVE-2010-2947 - RESERVED +CVE-2010-2947 (Heap-based buffer overflow in the HX_split function in string.c in ...) - libhx <unfixed> (low; bug #594393) CVE-2010-2946 [jfs issue] RESERVED @@ -697,8 +718,8 @@ [lenny] - squirrelmail <no-dsa> (low-risk issue) CVE-2010-2812 (Client.cpp in ZNC 0.092 allows remote attackers to cause a denial of ...) TODO: check -CVE-2010-2811 - RESERVED +CVE-2010-2811 (Virtual Desktop Server Manager (VDSM) in Red Hat Enterprise ...) + TODO: check CVE-2010-2810 (Heap-based buffer overflow in the convert_to_idna function in ...) - lynx-cur <unfixed> (bug #594300) [lenny] - lynx-cur <no-dsa> (Minor issue) @@ -770,8 +791,8 @@ CVE-2010-2785 (The IRC Protocol component in KVIrc 3.x and 4.x before r4693 does not ...) {DSA-2078-1} - kvirc 4:4.0.0-3 -CVE-2010-2784 - RESERVED +CVE-2010-2784 (The subpage MMIO initialization functionality in the subpage_register ...) + TODO: check CVE-2010-2783 RESERVED - openjdk-6 6b18-1.8.1-1 
@@ -4041,8 +4062,7 @@ NOT-FOR-US: Uiga Proxy CVE-2010-1527 (Stack-based buffer overflow in Novell iPrint Client before 5.44 allows ...) TODO: check -CVE-2010-1526 - RESERVED +CVE-2010-1526 (Multiple integer overflows in libgdiplus 2.6.7, as used in Mono, allow ...) - libgdiplus 2.6.7-2 (low; bug #594155) CVE-2010-1525 (Integer underflow in the SpreadSheet Lotus 123 reader (wkssr.dll) in ...) TODO: check @@ -7383,8 +7403,8 @@ - kdebase-workspace 4:4.4.3-1 NOTE: The binary package kdm was built from kdebase in Lenny and from kdebase-workspace NOTE: in KDE 4.x, i.e. Squeeze onwards -CVE-2010-0435 - RESERVED +CVE-2010-0435 (The Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise ...) + TODO: check CVE-2010-0434 (The ap_read_request function in server/protocol.c in the Apache HTTP ...) {DSA-2035-1} - apache2 2.2.15-1 @@ -7393,14 +7413,14 @@ NOTE: http://www.openwall.com/lists/oss-security/2010/03/03/5 CVE-2010-0432 (Multiple cross-site scripting (XSS) vulnerabilities in the Apache Open ...) NOT-FOR-US: Apache Open For Business Project (OFBiz) -CVE-2010-0431 - RESERVED +CVE-2010-0431 (QEMU-KVM, as used in the Hypervisor (aka rhev-hypervisor) in Red Hat ...) + TODO: check CVE-2010-0430 RESERVED -CVE-2010-0429 - RESERVED -CVE-2010-0428 - RESERVED +CVE-2010-0429 (libspice, as used in QEMU-KVM in the Hypervisor (aka rhev-hypervisor) ...) + TODO: check +CVE-2010-0428 (libspice, as used in QEMU-KVM in the Hypervisor (aka rhev-hypervisor) ...) + TODO: check CVE-2010-0427 (sudo 1.6.x before 1.6.9p21, when the runas_default option is used, ...) {DSA-2006-1} - sudo 1.7.0-1
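Review bot: In the first hunk (@@ -1,8 +1,32 @@), the added entries CVE-2010-3111 through CVE-2010-3120 each get a separate "TODO: check", yet nine of the ten visibly read "Google Chrome before 5.0.375.127" (CVE-2010-3118 is truncated before any version). Triage them as one batch against a single fixed package version rather than entry by entry, so the ten entries end up with the same status line.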
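Review bot: In the @@ -120,12 +144,10 @@ hunk, the "[lenny] - phpmyadmin <unfixed>" line under CVE-2010-3055 carries no urgency, bug reference or no-dsa reason, unlike other open entries in this patch such as "- libhx <unfixed> (low; bug #594393)" and "[lenny] - squirrelmail <no-dsa> (low-risk issue)". Annotate it so the open lenny status can be followed up. Replacing the hand-written titles that carried the PMASA-2010-4 and PMASA-2010-5 ids loses nothing here, since the NOTE lines keep both advisory URLs.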
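Review bot: In the @@ -4041,8 +4062,7 @@ hunk, the context entry CVE-2010-1527 ("Stack-based buffer overflow in Novell iPrint Client before 5.44 ...") is still "TODO: check", while CVE-2010-3109 in the first hunk, for the browser plugin of the same product, is already "NOT-FOR-US: browser plugin in Novell iPrint Client". Give the two the same treatment. The CVE-2010-1526 change itself is consistent: the new description names libgdiplus 2.6.7 and the existing status line records the fix in 2.6.7-2.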
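Review bot: In the last hunk (@@ -7393,14 +7413,14 @@), CVE-2010-0431, CVE-2010-0429 and CVE-2010-0428 should not be closed as NOT-FOR-US on the strength of the Red Hat product name alone, because their descriptions read "QEMU-KVM, as used in the Hypervisor (aka rhev-hypervisor)" and "libspice, as used in QEMU-KVM". The flaw is attributed to the underlying component, so the "TODO: check" should be resolved against the QEMU-KVM and libspice code itself, using the full upstream description, since the text shown here is truncated.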