Moritz Muehlenhoff
2011-Mar-29 22:17 UTC
[Secure-testing-commits] r16454 - in data: CVE DSA
Author: jmm
Date: 2011-03-29 22:17:13 +0000 (Tue, 29 Mar 2011)
New Revision: 16454
Modified:
data/CVE/list
data/DSA/list
Log:
mahara DSA
openldap updates
Modified: data/CVE/list
==================================================================---
data/CVE/list 2011-03-29 22:14:36 UTC (rev 16453)
+++ data/CVE/list 2011-03-29 22:17:13 UTC (rev 16454)
@@ -1268,7 +1268,9 @@
RESERVED
- linux-2.6 2.6.38-1 (low)
CVE-2011-1081 (modrdn.c in slapd in OpenLDAP 2.4.x before 2.4.24 allows remote
...)
- TODO: check
+ - openldap <unfixed> (low; bug #617606)
+ [lenny] - openldap <no-dsa> (Minor issue)
+ [squeeze] - openldap <no-dsa> (Minor issue)
CVE-2011-1080
RESERVED
- linux-2.6 <unfixed> (low)
@@ -1437,9 +1439,8 @@
CVE-2011-1026
RESERVED
CVE-2011-1025 (bind.cpp in back-ndb in OpenLDAP 2.4.x before 2.4.24 does not
require ...)
- - openldap <unfixed> (low; bug #617606)
- [squeeze] - openldap <no-dsa> (Minor issue)
- [lenny] - openldap <not-affected> (Vulnerable code not present,
introduced in 2.4.12)
+ - openldap <unfixed> (unimportant; bug #617606)
+ NOTE: NBD backend disabled in Debian builds
CVE-2011-1024 (chain.c in back-ldap in OpenLDAP 2.4.x before 2.4.24, when a
...)
- openldap <unfixed> (low; bug #617606)
[lenny] - openldap <no-dsa> (Minor issue)
Modified: data/DSA/list
==================================================================---
data/DSA/list 2011-03-29 22:14:36 UTC (rev 16453)
+++ data/DSA/list 2011-03-29 22:17:13 UTC (rev 16454)
@@ -1,3 +1,7 @@
+[29 Mar 2011] DSA-2206-1 mahara - several
+ {CVE-2011-0439 CVE-2011-0440}
+ [squeeze] - mahara 1.2.6-2+squeeze1
+ [lenny] - mahara 1.0.4-4+lenny8
[28 Mar 2011] DSA-2205-1 gdm3 - privilege escalation
{CVE-2011-0727 }
[squeeze] - gdm3 2.30.5-6squeeze2