Secure testing commits - Oct 2010 - r15536 - in data: . CVE

Author: jmm-guest
Date: 2010-10-28 21:31:39 +0000 (Thu, 28 Oct 2010)
New Revision: 15536

Modified:
   data/CVE/list
   data/spu-candidates.txt
Log:
- ember fixed
- two more dovecot issues (fixed in Squeeze, N/A in Lenny)
- new mozilla issue and various mozilla updates
- postgresql9 issue (sid only)
- new python issue (already fixed in 3.1, 2.6 and 2.5 still needed)
- eglibc issue unimportant
- NFUs
- mantis fixed


Modified: data/CVE/list
==================================================================---
data/CVE/list	2010-10-28 02:38:42 UTC (rev 15535)
+++ data/CVE/list	2010-10-28 21:31:39 UTC (rev 15536)
@@ -740,11 +740,13 @@
 CVE-2010-3782
 	RESERVED
 CVE-2010-3781 (The PL/php add-on 1.4 and earlier for PostgreSQL does not
properly ...)
-	TODO: check
+	- postgresql-9.0 9.0.1-1
 CVE-2010-3780 (Dovecot 1.2.x before 1.2.15 allows remote authenticated users to
cause ...)
 	- dovecot 1:1.2.15-1 (bug #599521)
+	[lenny] - dovecot <not-affected> (Only affects 1.2.x)
 CVE-2010-3779 (Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.beta2 grants
the ...)
 	- dovecot 1:1.2.15-1 (bug #599521)
+	[lenny] - dovecot <not-affected> (Only affects 1.2.x)
 CVE-2010-3778
 	RESERVED
 CVE-2010-3777
@@ -773,10 +775,17 @@
 	RESERVED
 CVE-2010-3765
 	RESERVED
+	- xulrunner <removed>
+	- iceweasel 3.5.15-1
+	[lenny] - iceweasel <not-affected> (Lenny''s iceweasel uses
Xulrunner from the xulrunner source pkg)
+	- iceape 2.0.10-1
+	[lenny] - iceape <not-affected> (Only a stub package)
+	[lenny] - xulrunner <not-affected> (bug in optimization added later)
 CVE-2010-3764
 	RESERVED
 CVE-2010-3763 (Cross-site scripting (XSS) vulnerability in core/summary_api.php
in ...)
-	- mantis <unfixed> (bug filed)
+	- mantis 1.1.8+dfsg-9 (bug #601618)
+	[lenny] - mantis <no-dsa> (Minor issue)
 CVE-2010-3762 (ISC BIND before 9.7.2-P2, when DNSSEC validation is enabled,
does not ...)
 	- bind9 <unfixed> (bug #599515)
 	NOTE: http://ftp.isc.org/isc/bind9/9.7.2-P2/RELEASE-NOTES-BIND-9.7.2-P2.html
@@ -905,9 +914,11 @@
 CVE-2010-3708
 	RESERVED
 CVE-2010-3707 (plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15
and ...)
-	TODO: check
+	- dovecot 1.2.15-1
+	[lenny] - dovecot <not-affected> (Only affects 1.2.x)
 CVE-2010-3706 (plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15
and ...)
-	TODO: check
+	- dovecot 1.2.15-1
+	[lenny] - dovecot <not-affected> (Only affects 1.2.x)
 CVE-2010-3705 [sctp out-of-bounds issue]
 	RESERVED
 	- linux-2.6 2.6.32-25
@@ -984,8 +995,6 @@
 	TODO: check, apparently bogus dupes, contact MITRE for rejection 
 CVE-2010-XXXX [libcloud doesn''t verify SSL certificate]
 	- libcloud <unfixed> (bug #598463)
-	TODO: check
-	NOTE: other similar python code should be reviewed
 CVE-2010-3688 (Directory traversal vulnerability in ADMIN/login.php in
NetArtMEDIA ...)
 	NOT-FOR-US: NetArtMEDIA WebSiteAdmin
 CVE-2010-3684 (The FTP authentication module in Synology Disk Station 2.x logs
...)
@@ -1035,7 +1044,7 @@
 CVE-2010-3654
 	RESERVED
 CVE-2010-3653 (The Director module (dirapi.dll) in Adobe Shockwave player
11.5.8.612, ...)
-	TODO: check
+	NOT-FOR-US: Adobe Shockwave
 CVE-2010-3652
 	RESERVED
 CVE-2010-3651
@@ -1221,7 +1230,10 @@
 	- python-pyftpdlib 0.5.2-1 (low)
 	NOTE: http://code.google.com/p/pyftpdlib/issues/detail?id=104
 CVE-2010-3493 (Multiple race conditions in smtpd.py in the smtpd module in
Python ...)
-	TODO: check
+	- python3.1 3.1.2+20100829-1
+	- python2.6 <unfixed> (low; bug #601690)
+	- python2.5 <unfixed> 
+	[lenny] - python2.5 <no-dsa> (Minor issue)
 CVE-2010-3492 (The asyncore module in Python before 3.2 does not properly
handle ...)
 	- python2.7 <unfixed> (unimportant)
 	- python3.1 <unfixed> (unimportant)
@@ -1229,7 +1241,7 @@
 	NOTE: Unfixable design limitation, which needs to be coped with in
applications
 	NOTE: This CVE is about proper documentation
 CVE-2010-3491 (The (1) ActiveMatrix Runtime and (2) ActiveMatrix Administrator
...)
-	TODO: check
+	NOT-FOR-US: TIBCO ActiveMatrix Service Grid
 CVE-2010-3490 (Directory traversal vulnerability in page.recordings.php in the
System ...)
 	NOT-FOR-US: System Recordings component in the configuration interface in
FreePBX
 CVE-2010-3489 (Cross-site scripting (XSS) vulnerability in ...)
@@ -1732,10 +1744,8 @@
 CVE-2010-3401
 	RESERVED
 CVE-2010-3400 (The js_InitRandom function in the JavaScript implementation in
Mozilla ...)
-	TODO: check
 	NOTE: These will likely be rejected, Mozilla people will clarify with MITRE
 CVE-2010-3399 (The js_InitRandom function in the JavaScript implementation in
Mozilla ...)
-	TODO: check
 	NOTE: These will likely be rejected, Mozilla people will clarify with MITRE
 CVE-2010-3398 (Unspecified vulnerability in the webcontainer implementation in
IBM ...)
 	NOT-FOR-US: IBM Lotus Sametime Connect
@@ -1843,7 +1853,7 @@
 CVE-2010-3356
 	RESERVED
 CVE-2010-3355 (Ember 0.5.7 places a zero-length directory name in the ...)
-	- ember <unfixed> (bug #598288)
+	- ember 0.5.7-1.1 (low; bug #598288)
 CVE-2010-3354 (dropboxd in Dropbox 0.7.110 places a zero-length directory name
in the ...)
 	- dropbox 0.8.107-1 (low; bug #598287)
 	[lenny] - dropbox <no-dsa> (Non-free not supported)
@@ -1959,8 +1969,7 @@
 	- pixelpost <unfixed>
 CVE-2010-3304 (The ACL plugin in Dovecot 1.2.x before 1.2.13 propagates INBOX
ACLs to ...)
 	- dovecot 1.2.13-1
-	TODO: check whether this is true: [lenny] - dovecot <not-affected> (only
affects 1.2.x)
-	NOTE: http://www.dovecot.org/list/dovecot-news/2010-July/000163.html
+	[lenny] - dovecot <not-affected> (only affects 1.2.x)
 CVE-2010-3303 (Multiple cross-site scripting (XSS) vulnerabilities in MantisBT
before ...)
 	- mantis 1.1.8+dfsg-8 (bug #599710)
 	[lenny] - mantis <no-dsa> (Minor issue)
@@ -2169,7 +2178,7 @@
 CVE-2010-3228 (The JIT compiler in Microsoft .NET Framework 4.0 on 64-bit
platforms ...)
 	NOT-FOR-US: Microsoft .NET Framework
 CVE-2010-3227 (Stack-based buffer overflow in the UpdateFrameTitleForDocument
method ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Windows
 CVE-2010-3226
 	RESERVED
 CVE-2010-3225 (Use-after-free vulnerability in the Media Player Network Sharing
...)
@@ -2244,7 +2253,8 @@
 CVE-2010-3193 (Unspecified vulnerability in the DB2STST program in IBM DB2 9.1
before ...)
 	NOT-FOR-US: IBM DB2
 CVE-2010-3192 (Certain run-time memory protection mechanisms in the GNU C
Library ...)
-	TODO: check
+	- eglibc <unfixed> (unimportant)
+	NOTE: Minor information leak
 CVE-2010-3191 (Untrusted search path vulnerability in Adobe Captivate
5.0.0.596, and ...)
 	NOT-FOR-US: Adobe Captivate
 CVE-2010-3190 (Untrusted search path vulnerability in ATL MFC Trace Tool ...)
@@ -2308,7 +2318,7 @@
 	- iceape 2.0.9-1
 	[lenny] - iceape <not-affected> (Only a stub package)
 CVE-2010-3175 (Multiple unspecified vulnerabilities in the browser engine in
Mozilla ...)
-	TODO: check
+	- iceweasel <not-affected> (Only affects Firefox 3.6, which is only in
experimental)
 CVE-2010-3174 (Unspecified vulnerability in the browser engine in Mozilla
Firefox ...)
 	- xulrunner <removed>
 	- icedove 3.0.9-1
@@ -2321,9 +2331,13 @@
 CVE-2010-3172
 	RESERVED
 CVE-2010-3171 (The Math.random function in the JavaScript implementation in
Mozilla ...)
-	TODO: check
+	NOTE: Will likely be rejected by MITRE
 CVE-2010-3170 (Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11,
Thunderbird ...)
-	TODO: check
+	- xulrunner <removed>
+	- iceweasel 3.5.14-1
+	[lenny] - iceweasel <not-affected> (Lenny''s iceweasel uses
Xulrunner from the xulrunner source pkg)
+	- iceape 2.0.9-1
+	[lenny] - iceape <not-affected> (Only a stub package)
 CVE-2010-3169 (Multiple unspecified vulnerabilities in the browser engine in
Mozilla ...)
 	{DSA-2106-1}
 	- xulrunner <removed>
@@ -3074,9 +3088,9 @@
 CVE-2010-2887 (Multiple unspecified vulnerabilities in Adobe Reader and Acrobat
9.x ...)
 	NOT-FOR-US: Adobe Reader and Acrobat
 CVE-2010-2886 (Multiple cross-site scripting (XSS) vulnerabilities in Adobe
RoboHelp ...)
-	TODO: check
+	NOT-FOR-US: Adobe RoboHelp
 CVE-2010-2885 (Cross-site scripting (XSS) vulnerability in Adobe RoboHelp 7 and
8, ...)
-	TODO: check
+	NOT-FOR-US: Adobe RoboHelp
 CVE-2010-2884 (Adobe Flash Player 10.1.82.76 and earlier on Windows, Mac OS X,
Linux, ...)
 	NOT-FOR-US: Adobe Flash Player
 CVE-2010-2883 (Stack-based buffer overflow in CoolType.dll in Adobe Reader and
...)
@@ -3929,9 +3943,9 @@
 CVE-2010-2586
 	RESERVED
 CVE-2010-2585 (Multiple buffer overflows in the RealPage Module Upload ActiveX
...)
-	TODO: check
+	NOT-FOR-US: RealPage Module ActiveX Controls
 CVE-2010-2584 (The Upload method in the RealPage Module Upload ActiveX control
in ...)
-	TODO: check
+	NOT-FOR-US: RealPage Module ActiveX Controls
 CVE-2010-2583
 	RESERVED
 CVE-2010-2582
@@ -4051,7 +4065,7 @@
 CVE-2010-2536 (Multiple cross-site scripting (XSS) vulnerabilities in rekonq
0.5 and ...)
 	- rekonq 0.5.0-2 (bug #593300)
 CVE-2010-2535 (Multiple cross-site scripting (XSS) vulnerabilities in the Back
End in ...)
-	TODO: check
+	NOT-FOR-US: Joomla
 CVE-2010-2534 (The NetworkSyncCommandQueue function in
network/network_command.cpp in ...)
 	- openttd 1.0.3-1
 	[lenny] - openttd <not-affected> (Introduced in 1.0.1)
@@ -5882,7 +5896,8 @@
 	- chromium-browser 6.0.472.59~r59126-1
 	NOTE: http://trac.webkit.org/changeset/65692
 CVE-2010-1822 (WebKit, as used in Google Chrome before 6.0.472.62, does not
properly ...)
-	TODO: check
+	- webkit <undetermined>
+	- chromium-browser 6.0.472.62~r59676-1
 CVE-2010-1821
 	RESERVED
 CVE-2010-1820 (Apple Filing Protocol (AFP) Server in Apple Mac OS X 10.6.x
through ...)

Modified: data/spu-candidates.txt
==================================================================---
data/spu-candidates.txt	2010-10-28 02:38:42 UTC (rev 15535)
+++ data/spu-candidates.txt	2010-10-28 21:31:39 UTC (rev 15536)
@@ -493,7 +493,7 @@
 
 --
 
-python2.5 (CVE-2010-2089, CVE-2010-1634, CVE-2010-1450, CVE-2010-1449,
CVE-2009-4134)
+python2.5 (CVE-2010-2089, CVE-2010-1634, CVE-2010-1450, CVE-2010-1449,
CVE-2009-4134, CVE-2010-3493)
 
 --