Author: jmm Date: 2011-02-04 07:51:00 +0000 (Fri, 04 Feb 2011) New Revision: 16059 Modified: data/CVE/list Log: new openjdk issue new openssh issue doesn''t affect any release update NFU entries to differentiate between Joomla and it''s addons Modified: data/CVE/list ==================================================================--- data/CVE/list 2011-02-03 23:30:27 UTC (rev 16058) +++ data/CVE/list 2011-02-04 07:51:00 UTC (rev 16059) @@ -1,3 +1,5 @@ +CVE-2011-XXXX [Legacy certificates stack disclosure] + - openssh <not-affected> (Only affects OpenSSH 5.6 and 5.7) CVE-2011-0758 RESERVED CVE-2011-0757 (IBM DB2 9.1 before FP10, 9.5 before FP6a, and 9.7 before FP2 on Linux, ...) @@ -77,11 +79,11 @@ CVE-2010-4721 (SQL injection vulnerability in news.php in Immo Makler allows remote ...) NOT-FOR-US: Immo Makler CVE-2010-4720 (SQL injection vulnerability in the JExtensions JE Auto (com_jeauto) ...) - NOT-FOR-US: Joomla + NOT-FOR-US: Joomla JEAuto addon CVE-2010-4719 (Directory traversal vulnerability in JRadio (com_jradio) component ...) - NOT-FOR-US: Joomla + NOT-FOR-US: Joomla JRadio addon CVE-2010-4718 (Multiple cross-site scripting (XSS) vulnerabilities in the ...) - NOT-FOR-US: Joomla + NOT-FOR-US: Joomla Lyftenbloggie addon CVE-2011-0720 RESERVED CVE-2011-0719 @@ -615,7 +617,7 @@ CVE-2010-4697 (Use-after-free vulnerability in the Zend engine in PHP before 5.2.15 ...) - php5 <unfixed> CVE-2010-4696 (Multiple SQL injection vulnerabilities in Joomla! 1.5.x before 1.5.22 ...) - NOT-FOR-US: Joomla + NOT-FOR-US: Joomla CVE-2009-5051 (Hastymail2 before RC 8 does not set the secure flag for the session ...) NOT-FOR-US: Hastymail CVE-2011-0493 (Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha might allow ...) @@ -2160,6 +2162,7 @@ NOT-FOR-US: MRCGIGUY FreeTicket CVE-2011-0025 RESERVED + - openjdk-6 6b18-1.8.5-1 CVE-2011-0024 RESERVED CVE-2011-0023