Author: jmm Date: 2011-02-16 09:01:39 +0000 (Wed, 16 Feb 2011) New Revision: 16159 Modified: data/CVE/list data/ospu-candidates.txt data/spu-candidates.txt Log: mailman CVEfied magpierss no-dsa Modified: data/CVE/list ==================================================================--- data/CVE/list 2011-02-16 07:40:33 UTC (rev 16158) +++ data/CVE/list 2011-02-16 09:01:39 UTC (rev 16159) @@ -100,10 +100,6 @@ TODO: check CVE-2008-7274 (IBM WebSphere Application Server (WAS) 6.1.0.9, when the JAAS Login ...) TODO: check -CVE-2011-XXXX [unspecified XSS vulnerability] - - mailman <unfixed> - NOTE: present in 2.1.14 and earlier - NOTE: http://mail.python.org/pipermail/mailman-developers/2011-February/021317.html CVE-2008-XXXX [path traversal in CGIHTTPServer] - python2.5 <unfixed> - python2.4 <removed> @@ -704,7 +700,9 @@ CVE-2011-0741 (Multiple cross-site scripting (XSS) vulnerabilities in ModX Evolution ...) NOT-FOR-US: ModX CVE-2011-0740 (Cross-site scripting (XSS) vulnerability in ...) - - magpierss <unfixed> (bug #611940) + - magpierss 0.72-10 (low; bug #611940) + [squeeze] - magpierss <no-dsa> (Minor issue) + [lenny] - magpierss <no-dsa> (Minor issue) CVE-2011-0739 (The deliver function in the sendmail delivery agent ...) NOT-FOR-US: Ruby mail gem CVE-2011-0738 (MyProxy 5.0 through 5.2, as used in Globus Toolkit 5.0.0 through ...) @@ -747,7 +745,7 @@ CVE-2011-0721 [chfn/chsh newline injection] RESERVED {DSA-2164-1} - - shadow <unfixed> + - shadow 1:4.1.4.2+svn3283-3 [lenny] - shadow <not-affected> (Vulnerable code not present) CVE-2010-4721 (SQL injection vulnerability in news.php in Immo Makler allows remote ...) NOT-FOR-US: Immo Makler @@ -784,8 +782,11 @@ RESERVED CVE-2011-0708 RESERVED -CVE-2011-0707 +CVE-2011-0707 [unspecified XSS vulnerability] RESERVED + - mailman <unfixed> + NOTE: present in 2.1.14 and earlier + NOTE: http://mail.python.org/pipermail/mailman-developers/2011-February/021317.html CVE-2011-0706 RESERVED CVE-2011-0705 [path traversal in SimpleHTTPServer] Modified: data/ospu-candidates.txt ==================================================================--- data/ospu-candidates.txt 2011-02-16 07:40:33 UTC (rev 16158) +++ data/ospu-candidates.txt 2011-02-16 09:01:39 UTC (rev 16159) @@ -371,6 +371,11 @@ -- +magpierss (CVE-2011-0740) +#611940 + +-- + makepasswd (no CVE ID) #564559 notified maintainer Modified: data/spu-candidates.txt ==================================================================--- data/spu-candidates.txt 2011-02-16 07:40:33 UTC (rev 16158) +++ data/spu-candidates.txt 2011-02-16 09:01:39 UTC (rev 16159) @@ -30,6 +30,11 @@ -- +magpierss (CVE-2011-0740) +#611940 + +-- + tesseract (CVE-2011-XXXX) #612032