Author: jmm-guest Date: 2010-10-10 11:29:32 +0000 (Sun, 10 Oct 2010) New Revision: 15448 Modified: data/CVE/list Log: bugs filed record kernel fixes Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-10-10 11:06:14 UTC (rev 15447) +++ data/CVE/list 2010-10-10 11:29:32 UTC (rev 15448) @@ -597,6 +597,7 @@ RESERVED CVE-2010-3495 RESERVED + - zodb <unfixed> (bug #599711) CVE-2010-3494 RESERVED - python-pyftpdlib 0.5.2-1 (low) @@ -1343,8 +1344,7 @@ TODO: check whether this is true: [lenny] - dovecot <not-affected> (only affects 1.2.x) NOTE: http://www.dovecot.org/list/dovecot-news/2010-July/000163.html CVE-2010-3303 (Multiple cross-site scripting (XSS) vulnerabilities in MantisBT before ...) - - mantis <unfixed> - TODO: check + - mantis <unfixed> (bug #599710) NOTE: http://www.mantisbt.org/bugs/changelog_page.php?version_id=111 CVE-2010-3302 (Buffer overflow in programs/pluto/xauth.c in the client in Openswan ...) - openswan 1:2.6.28+dfsg-2 @@ -1957,9 +1957,10 @@ - linux-2.6 2.6.32-23 (high) CVE-2010-3080 (Double free vulnerability in the snd_seq_oss_open function in ...) {DSA-2110-1} - - linux-2.6 <unfixed> + - linux-2.6 2.6.32-24 CVE-2010-3079 (kernel/trace/ftrace.c in the Linux kernel before 2.6.35.5, when ...) - - linux-2.6 <unfixed> + - linux-2.6 2.6.32-24 + [lenny] - linux-2.6 <not-affected> (Introduced in 2.6.30) CVE-2010-3078 (The xfs_ioc_fsgetxattr function in fs/xfs/linux-2.6/xfs_ioctl.c in the ...) {DSA-2110-1} - linux-2.6 2.6.32-24 @@ -2018,6 +2019,7 @@ CVE-2010-3065 (The default session serializer in PHP 5.2 through 5.2.13 and 5.3 ...) {DSA-2089-1} - php5 <unfixed> + NOTE: Fixed in experimental: version 5.3.3-1 CVE-2010-3057 RESERVED CVE-2010-3054 (Unspecified vulnerability in FreeType 2.3.9, and other versions before ...) 
@@ -2257,7 +2259,7 @@ NOT-FOR-US: Apache Traffic Server CVE-2010-2951 [squid3 DoS via TCP DNS request] RESERVED - - squid3 <unfixed> + - squid3 <unfixed> (bug #599709) [lenny] - squid3 <not-affected> (vulnerable code introduced in 3.1.6) NOTE: http://marc.info/?l=squid-users&m=128263555724981&w=2 CVE-2010-2950 (Format string vulnerability in stream.c in the phar extension in PHP ...) @@ -2298,7 +2300,7 @@ {DSA-2099-1} - openoffice.org 1:3.2.1-6 CVE-2010-2934 (Multiple unspecified vulnerabilities in ZNC 0.092 allow remote ...) - - znc <unfixed> (bug filed) + - znc <unfixed> (bug #599708) CVE-2010-2933 (SQL injection vulnerability in AV Scripts AV Arcade 3 allows remote ...) NOT-FOR-US: AV Arcade CVE-2010-2932 (Buffer overflow in BarCodeWiz BarCode 3.29 ActiveX control ...) @@ -2603,7 +2605,7 @@ - squirrelmail 2:1.4.21-1 (low) [lenny] - squirrelmail <no-dsa> (low-risk issue) CVE-2010-2812 (Client.cpp in ZNC 0.092 allows remote attackers to cause a denial of ...) - - znc <unfixed> (bug filed) + - znc <unfixed> (bug #599708) CVE-2010-2811 (Virtual Desktop Server Manager (VDSM) in Red Hat Enterprise ...) NOT-FOR-US: Red Hat Virtual Desktop Server Manager CVE-2010-2810 (Heap-based buffer overflow in the convert_to_idna function in ...)
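Review bot: The `- zodb <unfixed> (bug #599711)` line added under CVE-2010-3495 sits on a RESERVED entry with no description, so nothing in the list says what the issue is. Consider a bracketed summary on the CVE line, as CVE-2010-2951 has with `[squid3 DoS via TCP DNS request]`, or a NOTE with a reference.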
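Review bot: In the CVE-2010-3303 hunk, `TODO: check` is removed in the same change that adds `(bug #599710)`, but the log message only mentions filing bugs and recording kernel fixes. If the check was done, say so in the log. If it was not, keep the TODO line next to the bug reference.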
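Review bot: Under CVE-2010-3079, the new `[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.30)` line gives no reference for where the issue was introduced. A NOTE pointing at the upstream change would let someone verify the lenny status later without redoing the analysis.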
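Review bot: In the CVE-2010-3065 hunk, `- php5 <unfixed>` still has no bug reference, while the other unfixed entries touched in this commit each gain one. If a bug exists for php5, add its number on that line alongside the new `NOTE: Fixed in experimental: version 5.3.3-1`.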