Author: jmm-guest
Date: 2010-08-26 09:11:20 +0000 (Thu, 26 Aug 2010)
New Revision: 15217
Modified:
data/CVE/list
Log:
- one kvm issue doesn''t affect Debian
- spice ITPd
Modified: data/CVE/list
==================================================================---
data/CVE/list 2010-08-26 08:46:30 UTC (rev 15216)
+++ data/CVE/list 2010-08-26 09:11:20 UTC (rev 15217)
@@ -746,7 +746,7 @@
CVE-2010-2812 (Client.cpp in ZNC 0.092 allows remote attackers to cause a
denial of ...)
TODO: check
CVE-2010-2811 (Virtual Desktop Server Manager (VDSM) in Red Hat Enterprise ...)
- TODO: check
+ NOT-FOR-US: Red Hat Virtual Desktop Server Manager
CVE-2010-2810 (Heap-based buffer overflow in the convert_to_idna function in
...)
- lynx-cur <unfixed> (bug #594300)
[lenny] - lynx-cur <no-dsa> (Minor issue)
@@ -7446,13 +7446,14 @@
CVE-2010-0432 (Multiple cross-site scripting (XSS) vulnerabilities in the
Apache Open ...)
NOT-FOR-US: Apache Open For Business Project (OFBiz)
CVE-2010-0431 (QEMU-KVM, as used in the Hypervisor (aka rhev-hypervisor) in Red
Hat ...)
- TODO: check
+ - qemu-kvm <not-affected> (QXL support not yet present in Debian
packages)
+ - kvm <not-affected> (QXL support not yet present in Debian packages)
CVE-2010-0430
RESERVED
CVE-2010-0429 (libspice, as used in QEMU-KVM in the Hypervisor (aka
rhev-hypervisor) ...)
- TODO: check
+ - spice <itp> (bug #560721)
CVE-2010-0428 (libspice, as used in QEMU-KVM in the Hypervisor (aka
rhev-hypervisor) ...)
- TODO: check
+ - spice <itp> (bug #560721)
CVE-2010-0427 (sudo 1.6.x before 1.6.9p21, when the runas_default option is
used, ...)
{DSA-2006-1}
- sudo 1.7.0-1