Author: jmm-guest Date: 2010-10-15 09:07:40 +0000 (Fri, 15 Oct 2010) New Revision: 15475 Modified: data/CVE/list Log: - freeradius fixed - linux-2.6 fixed Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-10-14 21:14:51 UTC (rev 15474) +++ data/CVE/list 2010-10-15 09:07:40 UTC (rev 15475) @@ -509,7 +509,7 @@ TODO: check CVE-2010-3705 [sctp out-of-bounds issue] RESERVED - - linux-2.6 <unfixed> + - linux-2.6 2.6.32-25 CVE-2010-3704 RESERVED {DSA-2119-1} @@ -542,9 +542,9 @@ CVE-2010-3698 RESERVED CVE-2010-3697 (The wait_for_child_to_die function in main/event.c in FreeRADIUS 2.1.x ...) - - freeradius <unfixed> (bug #600176) + - freeradius 2.1.10+dfsg-1 (bug #600176) CVE-2010-3696 (The fr_dhcp_decode function in lib/dhcp.c in FreeRADIUS 2.1.9, in ...) - - freeradius <unfixed> (bug #600176) + - freeradius 2.1.10+dfsg-1 (bug #600176) [lenny] - freeradius <not-affected> (Vulnerable code not present) CVE-2010-3695 [XSS vulnerability in the Fetchmail configuration] RESERVED @@ -857,7 +857,7 @@ CVE-2010-3478 RESERVED CVE-2010-3477 (The tcf_act_police_dump function in net/sched/act_police.c in the ...) - - linux-2.6 <unfixed> + - linux-2.6 2.6.32-25 CVE-2010-3600 RESERVED CVE-2010-3599 @@ -1228,7 +1228,7 @@ [squeeze] - quassel 0.6.3-1 NOTE: https://bugs.launchpad.net/ubuntu/+source/quassel/+bug/629774 CVE-2010-3442 (Multiple integer overflows in the snd_ctl_new function in ...) - - linux-2.6 <unfixed> + - linux-2.6 2.6.32-25 NOTE: http://git.kernel.org/?p=linux/kernel/git/tiwai/sound-2.6.git;a=commitdiff;h=5591bf07225523600450edd9e6ad258bb877b779 CVE-2010-3441 RESERVED @@ -1246,7 +1246,7 @@ - libpoe-component-irc-perl 6.32+dfsg-1 [lenny] - libpoe-component-irc-perl 5.84+dfsg-1+lenny1 (bug #581194) CVE-2010-3437 (Integer signedness error in the pkt_find_dev_from_minor function in ...) - - linux-2.6 <unfixed> + - linux-2.6 2.6.32-25 CVE-2010-3436 [open_basedir bypass] RESERVED - php5 <unfixed> (unimportant) 
@@ -1618,7 +1618,7 @@ - freetype 2.4.0-1 NOTE: Only the 2.3.x series is affected CVE-2010-3310 (Multiple integer signedness errors in net/rose/af_rose.c in the Linux ...) - - linux-2.6 <unfixed> + - linux-2.6 2.6.32-25 CVE-2010-3309 RESERVED CVE-2010-3308 (Buffer overflow in programs/pluto/xauth.c in the client in Openswan ...) @@ -2237,7 +2237,7 @@ - mednafen 0.8.D-1 (unimportant) NOTE: Extremely obscure attack vector, marking as unimportant CVE-2010-3084 (Buffer overflow in the niu_get_ethtool_tcam_all function in ...) - - linux-2.6 <unfixed> + - linux-2.6 2.6.32-25 CVE-2010-3083 (sys/ssl/SslSocket.cpp in qpidd in Apache Qpid, as used in Red Hat ...) TODO: check CVE-2010-3082 (Cross-site scripting (XSS) vulnerability in Django 1.2.x before 1.2.2 ...) @@ -2518,6 +2518,7 @@ RESERVED CVE-2010-2962 RESERVED + - linux-2.6 2.6.32-25 CVE-2010-2961 (mountall.c in mountall before 2.15.2 uses 0666 permissions for the ...) NOT-FOR-US: mountall CVE-2010-2960 (The keyctl_session_to_parent function in security/keys/keyctl.c in the ...) @@ -2568,7 +2569,7 @@ CVE-2010-2943 (The xfs implementation in the Linux kernel before 2.6.35 does not look ...) - linux-2.6 <unfixed> CVE-2010-2942 (The actions implementation in the network queueing functionality in ...) - - linux-2.6 <unfixed> + - linux-2.6 2.6.32-25 [lenny] - linux-2.6 2.6.26-25 CVE-2010-2941 RESERVED @@ -3373,7 +3374,7 @@ CVE-2010-2654 (Multiple cross-site scripting (XSS) vulnerabilities on the IBM ...) NOT-FOR-US: BladeCenter software CVE-2010-2653 (Race condition in the hvc_close function in drivers/char/hvc_console.c ...) - - linux-2.6 <unfixed> + - linux-2.6 2.6.32-25 CVE-2009-4935 (SQL injection vulnerability in ogp_show.php in Online Guestbook Pro ...) NOT-FOR-US: Online Guestbook Pro CVE-2009-4934 (Cross-site scripting (XSS) vulnerability in index.php in Online Photo ...) 
@@ -6745,7 +6746,7 @@ {DSA-2053-1} - linux-2.6 2.6.32-13 CVE-2010-1436 (gfs2 in the Linux kernel 2.6.18, and possibly other versions, does not ...) - - linux-2.6 <unfixed> + - linux-2.6 2.6.32-25 CVE-2010-1435 RESERVED CVE-2010-1434
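Review bot: In the hunk at @@ -542,9 +542,9 @@, CVE-2010-3697 gets the fixed version 2.1.10+dfsg-1 but no per-release line, while CVE-2010-3696 under the same bug #600176 carries "[lenny] - freeradius <not-affected> (Vulnerable code not present)". Since CVE-2010-3697 is described as affecting FreeRADIUS 2.1.x, add a "[lenny]" line stating whether the stable package is affected, so the entry does not leave the stable status open.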
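Review bot: The line added under CVE-2010-2962 in the hunk at @@ -2518,6 +2518,7 @@ marks linux-2.6 fixed in 2.6.32-25, but the entry is RESERVED with no bracketed description and no NOTE, so nothing in the list says which kernel issue is being tracked. Other RESERVED entries in this diff carry one, for example "CVE-2010-3705 [sctp out-of-bounds issue]". Adding a similar short description, or a NOTE with the upstream commit as CVE-2010-3442 has, would let the fixed version be checked.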
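Review bot: In the hunk at @@ -2568,7 +2569,7 @@, CVE-2010-2942 moves to 2.6.32-25 while the context line for CVE-2010-2943 directly above it stays at "- linux-2.6 <unfixed>". If the xfs issue is still open in 2.6.32-25, a NOTE saying so would make clear it was not missed in this pass. Otherwise it should be updated in the same commit.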