Author: gilbert-guest
Date: 2010-12-13 00:10:17 +0000 (Mon, 13 Dec 2010)
New Revision: 15691
Modified:
data/CVE/list
Log:
a couple more kernel issues
Modified: data/CVE/list
==================================================================---
data/CVE/list 2010-12-13 00:02:04 UTC (rev 15690)
+++ data/CVE/list 2010-12-13 00:10:17 UTC (rev 15691)
@@ -3933,6 +3933,7 @@
NOTE: Extremely obscure attack vector, marking as unimportant
CVE-2010-3084 (Buffer overflow in the niu_get_ethtool_tcam_all function in ...)
- linux-2.6 2.6.32-25
+ [lenny] - linux-2.6 <not-affected> (vulnerable code introduced in
2.6.30)
CVE-2010-3083 (sys/ssl/SslSocket.cpp in qpidd in Apache Qpid, as used in Red
Hat ...)
NOT-FOR-US: Apache Qpid
CVE-2010-3082 (Cross-site scripting (XSS) vulnerability in Django 1.2.x before
1.2.2 ...)
@@ -3982,8 +3983,7 @@
{DSA-2126-1}
- linux-2.6 2.6.32-24
CVE-2010-3066 (The io_submit_one function in fs/aio.c in the Linux kernel
before ...)
- - linux-2.6 <unfixed>
- TODO: check
+ - linux-2.6 2.6.23-1
CVE-2010-3064 (Stack-based buffer overflow in the php_mysqlnd_auth_write
function in ...)
- php5 <unfixed> (unimportant)
NOTE: mysqlnd not used in squeeze/sid