Author: jmm-guest Date: 2010-12-08 21:03:48 +0000 (Wed, 08 Dec 2010) New Revision: 15667 Modified: data/CVE/list Log: - libapache2-mod-fcgid, libio-socket-ssl-perl, pybliographer, snappea, gnumed-client fixed - bugs filed for cakephp, tomcat6 Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-12-08 19:51:40 UTC (rev 15666) +++ data/CVE/list 2010-12-08 21:03:48 UTC (rev 15667) @@ -150,10 +150,10 @@ - openssl 0.9.8k-1 CVE-2010-4334 [IO::Socket::SSL verify peer mode ignored if no cert supplied] RESERVED - - libio-socket-ssl-perl <unfixed> (bug #606058) + - libio-socket-ssl-perl 1.35-1 (bug #606058) CVE-2010-4335 [cakephp controller/component/security.php unsafe unserialize] RESERVED - - cakephp <unfixed> + - cakephp <unfixed> (bug #606386) NOTE: https://github.com/cakephp/cakephp/commit/e431e86aa4301ced4273dc7919b59362cbb353cb CVE-2010-4336 [collectd: DoS in RRDtool and RRDCacheD plugins] RESERVED @@ -411,7 +411,7 @@ CVE-2010-XXXX [python path] - opendnssec 1.1.3-2 (low; bug #605161) CVE-2010-XXXX [python path] - - pybliographer <unfixed> (low; bug #605153) + - pybliographer 1.2.14-3 (low; bug #605153) CVE-2010-XXXX [python path] - calendarserver <unfixed> (low; bug #605157) [lenny] - calendarserver <no-dsa> (Minor issue) @@ -419,7 +419,7 @@ - gquilt 0.22-1.1 (low; bug #605152) [lenny] - gquilt <no-dsa> (Minor issue) CVE-2010-XXXX [python path] - - snappea <unfixed> (low; bug #605151) + - snappea 3.0d3-20 (low; bug #605151) [lenny] - snappea <no-dsa> (Minor issue) CVE-2010-XXXX [python path] - dlr-languages 20090805+git.e6b28d27+dfsg-3 (low; bug #605158) 
@@ -428,7 +428,8 @@ - gnome-schedule <unfixed> (low; bug #605169) [lenny] - gnome-schedule <no-dsa> (Minor issue) CVE-2010-XXXX [python path] - - gnumed-client <unfixed> (low; bug #605159) + - gnumed-client 0.8.5-1 (low; bug #605159) + [squeeze] - gnumed-client 0.7.10-1 [lenny] - gnumed-client <no-dsa> (Minor issue) CVE-2010-XXXX [python path] - distcc 3.1-3.2 (low; bug #605168) @@ -745,8 +746,7 @@ CVE-2010-4173 (The default configuration of libsdp.conf in libsdp 1.1.104 and earlier ...) - libsdp 1.1.99-2.1 (bug #603841) CVE-2010-4172 (Multiple cross-site scripting (XSS) vulnerabilities in the Manager ...) - - tomcat6 <unfixed> - TODO: check + - tomcat6 <unfixed> (bug #606388) CVE-2010-4171 RESERVED - systemtap 1.2-3 (bug #603946) @@ -1456,8 +1456,7 @@ {DSA-2126-1} - linux-2.6 2.6.32-28 (low) CVE-2010-3872 (The apr_status_t fcgid_header_bucket_read function in fcgid_bucket.c ...) - - libapache2-mod-fcgid <unfixed> (bug #605484) - TODO: check + - libapache2-mod-fcgid 1:2.3.6-1 (bug #605484) CVE-2010-3871 (Cross-site scripting (XSS) vulnerability in ...) - mahara <not-affected> (Vulnerable feature introduced in 1.3) CVE-2010-3870 (The utf8_decode function in PHP before 5.3.4 does not properly handle ...)
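Review bot: In the @@ -150,10 +150,10 @@ hunk, the CVE-2010-4334 entry now records libio-socket-ssl-perl as fixed in 1.35-1 but has no NOTE pointing at the upstream change, while the CVE-2010-4335 entry directly below it carries a NOTE with the cakephp commit URL. Consider adding a NOTE with the upstream reference for the IO::Socket::SSL fix, so that the fixed version can be verified from the entry itself.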
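Review bot: In the @@ -411,7 +411,7 @@ hunk, pybliographer moves from `<unfixed>` to 1.2.14-3 without any `[lenny]` line, whereas neighbouring "python path" entries such as calendarserver, gquilt and snappea each record `[lenny] - ... <no-dsa> (Minor issue)`. If the lenny package is affected, add the matching line. If it is not, mark it `<not-affected>` so the stable status is explicit.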
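Review bot: In the @@ -745,8 +746,7 @@ hunk, `TODO: check` is dropped from CVE-2010-4172 even though tomcat6 stays `<unfixed>` and the entry gains only the bug number, with no severity and no per-release status. If the check determined whether stable is affected, record that result on the entry. Otherwise, keep the TODO until the release status has been triaged.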