Secure testing commits - Oct 2010 - r15426 - data/CVE

Author: joeyh
Date: 2010-10-05 21:14:59 +0000 (Tue, 05 Oct 2010)
New Revision: 15426

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
==================================================================---
data/CVE/list	2010-10-05 09:36:37 UTC (rev 15425)
+++ data/CVE/list	2010-10-05 21:14:59 UTC (rev 15426)
@@ -683,8 +683,7 @@
 	RESERVED
 	- quassel 0.7.1-1 (bug #597853)
 	NOTE: https://bugs.launchpad.net/ubuntu/+source/quassel/+bug/629774
-CVE-2010-3442 [heap corruption in snd_ctl_new]
-	RESERVED
+CVE-2010-3442 (Multiple integer overflows in the snd_ctl_new function in ...)
 	- linux-2.6 <unfixed>
 	NOTE:
http://git.kernel.org/?p=linux/kernel/git/tiwai/sound-2.6.git;a=commitdiff;h=5591bf07225523600450edd9e6ad258bb877b779
 CVE-2010-3441
@@ -702,8 +701,7 @@
 	RESERVED
 	- libpoe-component-irc-perl 6.32+dfsg-1
 	[lenny] - libpoe-component-irc-perl 5.84+dfsg-1+lenny1 (bug #581194)
-CVE-2010-3437 [linux pktcdvd ioctl dev_minor missing range check]
-	RESERVED
+CVE-2010-3437 (Integer signedness error in the pkt_find_dev_from_minor function
in ...)
 	- linux-2.6 <unfixed>
 CVE-2010-3436 [open_basedir bypass]
 	RESERVED
@@ -913,8 +911,7 @@
 	RESERVED
 	- qtparted 0.4.5-8 (low; bug #598301)
 	[lenny] - qtparted <no-dsa> (Minor issue)
-CVE-2010-3374
-	RESERVED
+CVE-2010-3374 (Qt Creator before 2.0.1 places a zero-length directory name in
the ...)
 	- qtcreator <unfixed> (bug #598300)
 CVE-2010-3373
 	RESERVED
@@ -1059,8 +1056,7 @@
 	TODO: check
 	NOTE: partial fix
http://git.altlinux.org/people/ldv/packages/?p=pam.git;a=commitdiff;h=06f882f30092a39a1db867c9744b2ca8d60e4ad6
 	NOTE: see 20100927201729.GB4485 at openwall.com
-CVE-2010-3315
-	RESERVED
+CVE-2010-3315 (authz.c in the mod_dav_svn module for the Apache HTTP Server, as
...)
 	- subversion 1.6.12dfsg-2 (low)
 CVE-2010-3314 (Cross-site scripting (XSS) vulnerability in login.php in
EGroupware ...)
 	{DSA-2013-1}
@@ -4989,8 +4985,8 @@
 CVE-2010-1823 (Use-after-free vulnerability in WebKit before r65958, as used in
...)
 	- webkit <undetermined>
 	- chromium-browser <undetermined>
-CVE-2010-1822
-	RESERVED
+CVE-2010-1822 (WebKit, as used in Google Chrome before 6.0.472.62, does not
properly ...)
+	TODO: check
 CVE-2010-1821
 	RESERVED
 CVE-2010-1820 (Apple Filing Protocol (AFP) Server in Apple Mac OS X 10.6.x
through ...)
@@ -5588,8 +5584,7 @@
 	- pidgin 2.7.0-1 (low)
 	[lenny] - pidgin 2.4.3-4lenny6
 	NOTE: MSN support was disabled in 2.4.3-4lenny6
-CVE-2010-1623 [DoS through mem usage]
-	RESERVED
+CVE-2010-1623 (The apr_brigade_split_line function in buckets/apr_brigade.c in
the ...)
 	{DSA-2117-1}
 	- apr-util 1.3.9+dfsg-4 (medium)
 CVE-2010-1622 (SpringSource Spring Framework 2.5.x before 2.5.6.SEC02, 2.5.7
before ...)