Author: nion
Date: 2011-01-16 01:44:23 +0000 (Sun, 16 Jan 2011)
New Revision: 15892
Modified: data/CVE/list

Log:
CVE-2010-2934,CVE-2010-2812 are non-issues. I got no idea why the upstream commit claims that the ping issue can be caused from a client. From what I see this is a code path that could only be triggered by a rogue server, no ctcp involved at this point. CVE-2010-2934 requires an authenticated user...

Modified: data/CVE/list ==================================================================--- data/CVE/list 2011-01-16 01:34:33 UTC (rev 15891) +++ data/CVE/list 2011-01-16 01:44:23 UTC (rev 15892) @@ -5574,7 +5574,8 @@ {DSA-2099-1} - openoffice.org 1:3.2.1-6 CVE-2010-2934 (Multiple unspecified vulnerabilities in ZNC 0.092 allow remote ...) - - znc 0.092-2 (bug #599708) + - znc 0.092-2 (unimportant; bug #599708) + [lenny] - znc <no-dsa> (Minor issue) CVE-2010-2933 (SQL injection vulnerability in AV Scripts AV Arcade 3 allows remote ...) NOT-FOR-US: AV Arcade CVE-2010-2932 (Buffer overflow in BarCodeWiz BarCode 3.29 ActiveX control ...) @@ -5882,7 +5883,8 @@ - squirrelmail 2:1.4.21-1 (low) [lenny] - squirrelmail <no-dsa> (low-risk issue) CVE-2010-2812 (Client.cpp in ZNC 0.092 allows remote attackers to cause a denial of ...) - - znc 0.092-2 (bug #599708) + - znc 0.092-2 (unimportant; bug #599708) + [lenny] - znc <no-dsa> (Minor issue) CVE-2010-2811 (Virtual Desktop Server Manager (VDSM) in Red Hat Enterprise ...) NOT-FOR-US: Red Hat Virtual Desktop Server Manager CVE-2010-2810 (Heap-based buffer overflow in the convert_to_idna function in ...)
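Review bot: In the first hunk (@@ -5574,7 +5574,8 @@, CVE-2010-2934) the znc entry is downgraded to "unimportant" while the description still reads "Multiple unspecified vulnerabilities", and the only justification, that an authenticated user is required, lives in the commit log and trails off there. Someone reading data/CVE/list later cannot tell which of the multiple issues were actually checked or why the rating was chosen. Consider adding a NOTE: line under the entry that records the authentication requirement and which upstream changes were reviewed, so the triage can be re-evaluated without digging through revision history.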
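Review bot: In the second hunk (@@ -5882,7 +5883,8 @@, CVE-2010-2812) the entry becomes "unimportant" even though the description kept in the file says "allows remote attackers to cause a denial of ...", and the log message explicitly disagrees with the upstream commit about whether a client can trigger the ping issue. That disagreement is the whole basis for the downgrade, yet it is not recorded in the list itself. A NOTE: line stating that the code path was judged reachable only from a rogue server, with a pointer to the upstream commit in question, would make the reasoning auditable. It is also worth checking whether the added "[lenny] - znc <no-dsa> (Minor issue)" line is intended alongside "unimportant", since the two annotations describe the severity in different terms.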