Author: jmm-guest Date: 2010-10-28 21:31:39 +0000 (Thu, 28 Oct 2010) New Revision: 15536 Modified: data/CVE/list data/spu-candidates.txt Log: - ember fixed - two more dovecot issues (fixed in Squeeze, N/A in Lenny) - new mozilla issue and various mozilla updates - postgresql9 issue (sid only) - new python issue (already fixed in 3.1, 2.6 and 2.5 still needed) - eglibc issue unimportant - NFUs - mantis fixed Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-10-28 02:38:42 UTC (rev 15535) +++ data/CVE/list 2010-10-28 21:31:39 UTC (rev 15536) @@ -740,11 +740,13 @@ CVE-2010-3782 RESERVED CVE-2010-3781 (The PL/php add-on 1.4 and earlier for PostgreSQL does not properly ...) - TODO: check + - postgresql-9.0 9.0.1-1 CVE-2010-3780 (Dovecot 1.2.x before 1.2.15 allows remote authenticated users to cause ...) - dovecot 1:1.2.15-1 (bug #599521) + [lenny] - dovecot <not-affected> (Only affects 1.2.x) CVE-2010-3779 (Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.beta2 grants the ...) - dovecot 1:1.2.15-1 (bug #599521) + [lenny] - dovecot <not-affected> (Only affects 1.2.x) CVE-2010-3778 RESERVED CVE-2010-3777 @@ -773,10 +775,17 @@ RESERVED CVE-2010-3765 RESERVED + - xulrunner <removed> + - iceweasel 3.5.15-1 + [lenny] - iceweasel <not-affected> (Lenny''s iceweasel uses Xulrunner from the xulrunner source pkg) + - iceape 2.0.10-1 + [lenny] - iceape <not-affected> (Only a stub package) + [lenny] - xulrunner <not-affected> (bug in optimization added later) CVE-2010-3764 RESERVED CVE-2010-3763 (Cross-site scripting (XSS) vulnerability in core/summary_api.php in ...) - - mantis <unfixed> (bug filed) + - mantis 1.1.8+dfsg-9 (bug #601618) + [lenny] - mantis <no-dsa> (Minor issue) CVE-2010-3762 (ISC BIND before 9.7.2-P2, when DNSSEC validation is enabled, does not ...) - bind9 <unfixed> (bug #599515) NOTE: http://ftp.isc.org/isc/bind9/9.7.2-P2/RELEASE-NOTES-BIND-9.7.2-P2.html @@ -905,9 +914,11 @@ CVE-2010-3708 RESERVED CVE-2010-3707 (plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and ...) - TODO: check + - dovecot 1.2.15-1 + [lenny] - dovecot <not-affected> (Only affects 1.2.x) CVE-2010-3706 (plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and ...) - TODO: check + - dovecot 1.2.15-1 + [lenny] - dovecot <not-affected> (Only affects 1.2.x) CVE-2010-3705 [sctp out-of-bounds issue] RESERVED - linux-2.6 2.6.32-25 @@ -984,8 +995,6 @@ TODO: check, apparently bogus dupes, contact MITRE for rejection CVE-2010-XXXX [libcloud doesn''t verify SSL certificate] - libcloud <unfixed> (bug #598463) - TODO: check - NOTE: other similar python code should be reviewed CVE-2010-3688 (Directory traversal vulnerability in ADMIN/login.php in NetArtMEDIA ...) NOT-FOR-US: NetArtMEDIA WebSiteAdmin CVE-2010-3684 (The FTP authentication module in Synology Disk Station 2.x logs ...) @@ -1035,7 +1044,7 @@ CVE-2010-3654 RESERVED CVE-2010-3653 (The Director module (dirapi.dll) in Adobe Shockwave player 11.5.8.612, ...) - TODO: check + NOT-FOR-US: Adobe Shockwave CVE-2010-3652 RESERVED CVE-2010-3651 @@ -1221,7 +1230,10 @@ - python-pyftpdlib 0.5.2-1 (low) NOTE: http://code.google.com/p/pyftpdlib/issues/detail?id=104 CVE-2010-3493 (Multiple race conditions in smtpd.py in the smtpd module in Python ...) - TODO: check + - python3.1 3.1.2+20100829-1 + - python2.6 <unfixed> (low; bug #601690) + - python2.5 <unfixed> + [lenny] - python2.5 <no-dsa> (Minor issue) CVE-2010-3492 (The asyncore module in Python before 3.2 does not properly handle ...) - python2.7 <unfixed> (unimportant) - python3.1 <unfixed> (unimportant) @@ -1229,7 +1241,7 @@ NOTE: Unfixable design limitation, which needs to be coped with in applications NOTE: This CVE is about proper documentation CVE-2010-3491 (The (1) ActiveMatrix Runtime and (2) ActiveMatrix Administrator ...) - TODO: check + NOT-FOR-US: TIBCO ActiveMatrix Service Grid CVE-2010-3490 (Directory traversal vulnerability in page.recordings.php in the System ...) NOT-FOR-US: System Recordings component in the configuration interface in FreePBX CVE-2010-3489 (Cross-site scripting (XSS) vulnerability in ...) @@ -1732,10 +1744,8 @@ CVE-2010-3401 RESERVED CVE-2010-3400 (The js_InitRandom function in the JavaScript implementation in Mozilla ...) - TODO: check NOTE: These will likely be rejected, Mozilla people will clarify with MITRE CVE-2010-3399 (The js_InitRandom function in the JavaScript implementation in Mozilla ...) - TODO: check NOTE: These will likely be rejected, Mozilla people will clarify with MITRE CVE-2010-3398 (Unspecified vulnerability in the webcontainer implementation in IBM ...) NOT-FOR-US: IBM Lotus Sametime Connect @@ -1843,7 +1853,7 @@ CVE-2010-3356 RESERVED CVE-2010-3355 (Ember 0.5.7 places a zero-length directory name in the ...) - - ember <unfixed> (bug #598288) + - ember 0.5.7-1.1 (low; bug #598288) CVE-2010-3354 (dropboxd in Dropbox 0.7.110 places a zero-length directory name in the ...) - dropbox 0.8.107-1 (low; bug #598287) [lenny] - dropbox <no-dsa> (Non-free not supported) @@ -1959,8 +1969,7 @@ - pixelpost <unfixed> CVE-2010-3304 (The ACL plugin in Dovecot 1.2.x before 1.2.13 propagates INBOX ACLs to ...) - dovecot 1.2.13-1 - TODO: check whether this is true: [lenny] - dovecot <not-affected> (only affects 1.2.x) - NOTE: http://www.dovecot.org/list/dovecot-news/2010-July/000163.html + [lenny] - dovecot <not-affected> (only affects 1.2.x) CVE-2010-3303 (Multiple cross-site scripting (XSS) vulnerabilities in MantisBT before ...) - mantis 1.1.8+dfsg-8 (bug #599710) [lenny] - mantis <no-dsa> (Minor issue) @@ -2169,7 +2178,7 @@ CVE-2010-3228 (The JIT compiler in Microsoft .NET Framework 4.0 on 64-bit platforms ...) NOT-FOR-US: Microsoft .NET Framework CVE-2010-3227 (Stack-based buffer overflow in the UpdateFrameTitleForDocument method ...) - TODO: check + NOT-FOR-US: Microsoft Windows CVE-2010-3226 RESERVED CVE-2010-3225 (Use-after-free vulnerability in the Media Player Network Sharing ...) @@ -2244,7 +2253,8 @@ CVE-2010-3193 (Unspecified vulnerability in the DB2STST program in IBM DB2 9.1 before ...) NOT-FOR-US: IBM DB2 CVE-2010-3192 (Certain run-time memory protection mechanisms in the GNU C Library ...) - TODO: check + - eglibc <unfixed> (unimportant) + NOTE: Minor information leak CVE-2010-3191 (Untrusted search path vulnerability in Adobe Captivate 5.0.0.596, and ...) NOT-FOR-US: Adobe Captivate CVE-2010-3190 (Untrusted search path vulnerability in ATL MFC Trace Tool ...) @@ -2308,7 +2318,7 @@ - iceape 2.0.9-1 [lenny] - iceape <not-affected> (Only a stub package) CVE-2010-3175 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...) - TODO: check + - iceweasel <not-affected> (Only affects Firefox 3.6, which is only in experimental) CVE-2010-3174 (Unspecified vulnerability in the browser engine in Mozilla Firefox ...) - xulrunner <removed> - icedove 3.0.9-1 @@ -2321,9 +2331,13 @@ CVE-2010-3172 RESERVED CVE-2010-3171 (The Math.random function in the JavaScript implementation in Mozilla ...) - TODO: check + NOTE: Will likely be rejected by MITRE CVE-2010-3170 (Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird ...) - TODO: check + - xulrunner <removed> + - iceweasel 3.5.14-1 + [lenny] - iceweasel <not-affected> (Lenny''s iceweasel uses Xulrunner from the xulrunner source pkg) + - iceape 2.0.9-1 + [lenny] - iceape <not-affected> (Only a stub package) CVE-2010-3169 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...) {DSA-2106-1} - xulrunner <removed> @@ -3074,9 +3088,9 @@ CVE-2010-2887 (Multiple unspecified vulnerabilities in Adobe Reader and Acrobat 9.x ...) NOT-FOR-US: Adobe Reader and Acrobat CVE-2010-2886 (Multiple cross-site scripting (XSS) vulnerabilities in Adobe RoboHelp ...) - TODO: check + NOT-FOR-US: Adobe RoboHelp CVE-2010-2885 (Cross-site scripting (XSS) vulnerability in Adobe RoboHelp 7 and 8, ...) - TODO: check + NOT-FOR-US: Adobe RoboHelp CVE-2010-2884 (Adobe Flash Player 10.1.82.76 and earlier on Windows, Mac OS X, Linux, ...) NOT-FOR-US: Adobe Flash Player CVE-2010-2883 (Stack-based buffer overflow in CoolType.dll in Adobe Reader and ...) @@ -3929,9 +3943,9 @@ CVE-2010-2586 RESERVED CVE-2010-2585 (Multiple buffer overflows in the RealPage Module Upload ActiveX ...) - TODO: check + NOT-FOR-US: RealPage Module ActiveX Controls CVE-2010-2584 (The Upload method in the RealPage Module Upload ActiveX control in ...) - TODO: check + NOT-FOR-US: RealPage Module ActiveX Controls CVE-2010-2583 RESERVED CVE-2010-2582 @@ -4051,7 +4065,7 @@ CVE-2010-2536 (Multiple cross-site scripting (XSS) vulnerabilities in rekonq 0.5 and ...) - rekonq 0.5.0-2 (bug #593300) CVE-2010-2535 (Multiple cross-site scripting (XSS) vulnerabilities in the Back End in ...) - TODO: check + NOT-FOR-US: Joomla CVE-2010-2534 (The NetworkSyncCommandQueue function in network/network_command.cpp in ...) - openttd 1.0.3-1 [lenny] - openttd <not-affected> (Introduced in 1.0.1) @@ -5882,7 +5896,8 @@ - chromium-browser 6.0.472.59~r59126-1 NOTE: http://trac.webkit.org/changeset/65692 CVE-2010-1822 (WebKit, as used in Google Chrome before 6.0.472.62, does not properly ...) - TODO: check + - webkit <undetermined> + - chromium-browser 6.0.472.62~r59676-1 CVE-2010-1821 RESERVED CVE-2010-1820 (Apple Filing Protocol (AFP) Server in Apple Mac OS X 10.6.x through ...) Modified: data/spu-candidates.txt ==================================================================--- data/spu-candidates.txt 2010-10-28 02:38:42 UTC (rev 15535) +++ data/spu-candidates.txt 2010-10-28 21:31:39 UTC (rev 15536) @@ -493,7 +493,7 @@ -- -python2.5 (CVE-2010-2089, CVE-2010-1634, CVE-2010-1450, CVE-2010-1449, CVE-2009-4134) +python2.5 (CVE-2010-2089, CVE-2010-1634, CVE-2010-1450, CVE-2010-1449, CVE-2009-4134, CVE-2010-3493) --