Author: jmm-guest Date: 2010-12-03 16:24:51 +0000 (Fri, 03 Dec 2010) New Revision: 15646 Modified: data/CVE/list Log: - new kernel issues (mostly already present in kernel-sec repo) - imagemagick/cwd CVEfied - plenty of new chrome/webkit issues - NFUs - festival not-affected Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-12-03 08:17:04 UTC (rev 15645) +++ data/CVE/list 2010-12-03 16:24:51 UTC (rev 15646) @@ -1,8 +1,7 @@ CVE-2010-XXXX [ocrodjvu insecure temp files handling] - ocrodjvu 0.4.6-2 (low; bug #598134) CVE-2010-XXXX [hypermail XSS] - - hypermail <removed> (bug #598743) - TODO: check + - hypermail <removed> (low; bug #598743) CVE-2010-4366 (Multiple cross-site scripting (XSS) vulnerabilities in ...) TODO: check CVE-2010-4365 (SQL injection vulnerability in JE Ajax Event Calendar ...) @@ -252,7 +251,7 @@ CVE-2010-4271 (SQL injection vulnerability in ImpressCMS before 1.2.3 RC2 allows ...) NOT-FOR-US: ImpressCMS CVE-2010-4270 (Directory traversal vulnerability in the nBill (com_netinvoice) ...) - TODO: check + NOT-FOR-US: Joomla addon CVE-2010-4269 (SQL injection vulnerability in managechat.php in Collabtive 0.65 ...) NOT-FOR-US: Collabtive CVE-2010-4268 (SQL injection vulnerability in the Pulse Infotech Flip Wall ...) @@ -294,9 +293,9 @@ CVE-2010-4250 RESERVED CVE-2010-4249 (The wait_for_unix_gc function in net/unix/garbage.c in the Linux ...) - TODO: check + - linux-2.6 <unfixed> CVE-2010-4248 (Race condition in the __exit_signal function in kernel/exit.c in the ...) - TODO: check + - linux-2.6 <unfixed> CVE-2010-4247 RESERVED CVE-2010-4246 
@@ -357,9 +356,6 @@ CVE-2010-XXXX [pootle XSS vulnerability via ''match_names''] - pootle <unfixed> (low; bug #604060) [lenny] - pootle <not-affected> (Minor issue) -CVE-2010-XXXX [imagemagick reads config files from cwd] - - imagemagick 8:6.6.0.4-3 (low; bug #601824) - [lenny] - imagemagick 7:6.3.7.9.dfsg2-1~lenny4 CVE-2010-4220 (Cross-site scripting (XSS) vulnerability in the Integrated Solution ...) NOT-FOR-US: IBM WebSphere CVE-2010-4219 (Cross-site scripting (XSS) vulnerability in SemanticTagService.js in ...) @@ -489,12 +485,13 @@ RESERVED - systemtap 1.2-3 (bug #603946) CVE-2010-4169 (Use-after-free vulnerability in mm/mprotect.c in the Linux kernel ...) - TODO: check + - linux-2.6 <unfixed> CVE-2010-4168 (Multiple use-after-free vulnerabilities in OpenTTD 1.0.x before 1.0.5 ...) - openttd 1.0.4-3 (bug #603752) [lenny] - openttd <not-affected> (Introduced in 1.0) CVE-2010-4167 (Untrusted search path vulnerability in configure.c in ImageMagick ...) - TODO: check + - imagemagick 8:6.6.0.4-3 (low; bug #601824) + [lenny] - imagemagick 7:6.3.7.9.dfsg2-1~lenny4 CVE-2010-4166 RESERVED CVE-2010-4165 (The do_tcp_setsockopt function in net/ipv4/tcp.c in the Linux kernel ...) @@ -899,7 +896,7 @@ CVE-2010-3997 RESERVED CVE-2010-3996 (festival_server in Centre for Speech Technology Research (CSTR) ...) - TODO: check + - festival <not-affected> (From Lenny onwards we don''t include the server component) CVE-2009-5013 (Memory leak in the on_dtp_close function in ftpserver.py in pyftpdlib ...) - python-pyftpdlib 0.5.2-1 CVE-2009-5012 (ftpserver.py in pyftpdlib before 0.5.2 does not require the l ...) 
@@ -1095,9 +1092,9 @@ CVE-2010-3912 RESERVED CVE-2010-3911 (Multiple cross-site scripting (XSS) vulnerabilities in vtiger CRM ...) - TODO: check + NOT-FOR-US: vTiger CRM CVE-2010-3910 (Multiple directory traversal vulnerabilities in the ...) - TODO: check + NOT-FOR-US: vTiger CRM CVE-2010-3909 (Incomplete blacklist vulnerability in config.template.php in vtiger ...) NOT-FOR-US: vtiger CRM CVE-2010-3908 @@ -1217,7 +1214,7 @@ RESERVED CVE-2010-3861 RESERVED - - linux-2.6 <unfixed> + - linux-2.6 2.6.32-29 [lenny] - linux-2.6 <not-affected> (Introduced in 2.6.27) CVE-2010-3860 RESERVED 
@@ -1344,55 +1341,73 @@ CVE-2010-3827 (Apple iOS before 4.2 does not properly validate signatures before ...) NOT-FOR-US: Apple iOS CVE-2010-3826 (WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and ...) - TODO: check + - webkit <undetermined> + - chromium-browser <undetermined> CVE-2010-3825 RESERVED CVE-2010-3824 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on ...) - TODO: check + - webkit <undetermined> + - chromium-browser <undetermined> CVE-2010-3823 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on ...) - TODO: check + - webkit <undetermined> + - chromium-browser <undetermined> CVE-2010-3822 (WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and ...) - TODO: check + - webkit <undetermined> + - chromium-browser <undetermined> CVE-2010-3821 (WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and ...) - TODO: check + - webkit <undetermined> + - chromium-browser <undetermined> CVE-2010-3820 (WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and ...) - TODO: check + - webkit <undetermined> + - chromium-browser <undetermined> CVE-2010-3819 (WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and ...) - TODO: check + - webkit <undetermined> + - chromium-browser <undetermined> CVE-2010-3818 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on ...) - TODO: check + - webkit <undetermined> + - chromium-browser <undetermined> CVE-2010-3817 (WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and ...) - TODO: check + - webkit <undetermined> + - chromium-browser <undetermined> CVE-2010-3816 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on ...) - TODO: check + - webkit <undetermined> + - chromium-browser <undetermined> CVE-2010-3815 RESERVED CVE-2010-3814 (Heap-based buffer overflow in the Ins_SHZ function in ttinterp.c in ...) 
- freetype 2.4.2-2.1 (bug #602221) CVE-2010-3813 (WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and ...) - TODO: check + - webkit <undetermined> + - chromium-browser <undetermined> CVE-2010-3812 (Integer overflow in WebKit in Apple Safari before 5.0.3 on Mac OS X ...) - webkit <unfixed> - chromium-browser <undetermined> NOTE: http://www.zerodayinitiative.com/advisories/ZDI-10-257 CVE-2010-3811 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on ...) - TODO: check + - webkit <undetermined> + - chromium-browser <undetermined> CVE-2010-3810 (WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and ...) - TODO: check + - webkit <undetermined> + - chromium-browser <undetermined> CVE-2010-3809 (WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and ...) - TODO: check + - webkit <undetermined> + - chromium-browser <undetermined> CVE-2010-3808 (WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and ...) - TODO: check + - webkit <undetermined> + - chromium-browser <undetermined> CVE-2010-3807 RESERVED CVE-2010-3806 RESERVED CVE-2010-3805 (Integer underflow in WebKit in Apple Safari before 5.0.3 on Mac OS X ...) - TODO: check + - webkit <undetermined> + - chromium-browser <undetermined> CVE-2010-3804 (The JavaScript implementation in WebKit in Apple Safari before 5.0.3 ...) - TODO: check + - webkit <undetermined> + - chromium-browser <undetermined> CVE-2010-3803 (Integer overflow in WebKit in Apple Safari before 5.0.3 on Mac OS X ...) - TODO: check + - webkit <undetermined> + - chromium-browser <undetermined> CVE-2010-3802 RESERVED CVE-2010-3801
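Review bot: In the @@ -252,7 +251,7 @@ hunk, the new tag for CVE-2010-4270, `NOT-FOR-US: Joomla addon`, does not name the product, while the neighbouring entries name theirs (`NOT-FOR-US: ImpressCMS`, `NOT-FOR-US: Collabtive`). The CVE description already identifies it as nBill (com_netinvoice), so a tag such as `NOT-FOR-US: nBill (com_netinvoice) addon for Joomla` would keep the entry findable by product name.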
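Review bot: In the @@ -294,9 +293,9 @@ hunk, CVE-2010-4249 and CVE-2010-4248 get a bare `- linux-2.6 <unfixed>` with no `[lenny]` line and no NOTE, unlike the CVE-2010-3861 entry later in this patch, which records `[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.27)`. If the lenny status is already known from the kernel-sec repo mentioned in the log, record it here so the stable status is not left implicit. The same applies to CVE-2010-4169 in the @@ -489,12 +485,13 @@ hunk.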
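Review bot: In the @@ -1095,9 +1092,9 @@ hunk, the two added lines for CVE-2010-3911 and CVE-2010-3910 spell the product `NOT-FOR-US: vTiger CRM`, while the existing CVE-2010-3909 entry directly below uses `NOT-FOR-US: vtiger CRM`. Use the existing spelling so a case-sensitive search for the product returns all three entries.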
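Review bot: In the @@ -1344,55 +1341,73 @@ hunk, every WebKit entry from CVE-2010-3826 down to CVE-2010-3803 swaps `TODO: check` for `- webkit <undetermined>` and `- chromium-browser <undetermined>` with no NOTE saying what was looked at or where the upstream fix can be found. The one pre-existing entry in this range, CVE-2010-3812, carries a `NOTE:` with its advisory URL. Where a reference or upstream changeset is known, add a NOTE line to the new entries in the same way, so whoever resolves the `<undetermined>` status has a starting point.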