Author: joeyh Date: 2011-04-01 21:16:22 +0000 (Fri, 01 Apr 2011) New Revision: 16468 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2011-04-01 14:48:16 UTC (rev 16467) +++ data/CVE/list 2011-04-01 21:16:22 UTC (rev 16468) @@ -1,3 +1,9 @@ +CVE-2011-1554 (Off-by-one error in t1lib 5.1.2 and earlier, as used in Xpdf before ...) + TODO: check +CVE-2011-1553 (Use-after-free vulnerability in t1lib 5.1.2 and earlier, as used in ...) + TODO: check +CVE-2011-1552 (t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6 and other ...) + TODO: check CVE-2011-1551 (SUSE openSUSE Factory assigns ownership of the /var/log/cobbler/ ...) - logrotate <unfixed> CVE-2011-1550 (The default configuration of logrotate on SUSE openSUSE Factory uses ...) @@ -972,11 +978,9 @@ - apache2 2.2.17-2 (bug #618857; medium) [lenny] - apache2 <not-affected> (different source package in lenny: apache2-mpm-itk) [lenny] - apache2-mpm-itk <not-affected> (bug was introduced later, in 2.2.11-01) -CVE-2011-1175 - RESERVED +CVE-2011-1175 (tcptls.c in the TCP/TLS server in Asterisk Open Source 1.6.1.x before ...) - asterisk <unfixed> -CVE-2011-1174 - RESERVED +CVE-2011-1174 (manager.c in Asterisk Open Source 1.6.1.x before 1.6.1.24, 1.6.2.x ...) - asterisk <unfixed> CVE-2011-1173 RESERVED @@ -1742,8 +1746,8 @@ RESERVED CVE-2011-0964 RESERVED -CVE-2011-0963 - RESERVED +CVE-2011-0963 (The default configuration of the RADIUS authentication feature on the ...) + TODO: check CVE-2011-0962 RESERVED CVE-2011-0961 @@ -2198,8 +2202,7 @@ RESERVED CVE-2011-0765 RESERVED -CVE-2011-0764 [xpdf/t1lib arbitrary code execution vuln] - RESERVED +CVE-2011-0764 (t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6 and other ...) - xpdf 3.02-9 - poppler <not-affected> (never used t1lib) - t1lib <unfixed> 
@@ -2318,8 +2321,7 @@ RESERVED CVE-2011-0728 (Cross-site scripting (XSS) vulnerability in templatefunctions.py in ...) - loggerhead 1.18.1-1 -CVE-2011-0727 - RESERVED +CVE-2011-0727 (GNOME Display Manager (gdm) 2.x before 2.32.1 allows local users to ...) {DSA-2205-1} - gdm3 <unfixed> CVE-2011-0726 @@ -6970,8 +6972,7 @@ CVE-2010-3696 (The fr_dhcp_decode function in lib/dhcp.c in FreeRADIUS 2.1.9, in ...) - freeradius 2.1.10+dfsg-1 (bug #600176) [lenny] - freeradius <not-affected> (Vulnerable code not present) -CVE-2010-3695 [XSS vulnerability in the Fetchmail configuration] - RESERVED +CVE-2010-3695 (Cross-site scripting (XSS) vulnerability in fetchmailprefs.php in ...) {DSA-2204-1} - imp4 4.3.7+debian0-2.1 (bug #598584; low) NOTE: http://archives.neohapsis.com/archives/fulldisclosure/2010-09/0379.html
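Review bot: In the first hunk (@@ -1,3 +1,9 @@), CVE-2011-1554, CVE-2011-1553 and CVE-2011-1552 are added with only `TODO: check`, even though all three descriptions name t1lib 5.1.2 and earlier, the component the CVE-2011-0764 entry later in this patch already tracks (`- xpdf 3.02-9`, `- poppler <not-affected> (never used t1lib)`, `- t1lib <unfixed>`). Suggest triaging the three new entries against xpdf, poppler and t1lib in the same pass as CVE-2011-0764. Each status needs to be checked per CVE rather than copied from that entry.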
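Review bot: In the hunk at @@ -972,11 +978,9 @@, the package line under CVE-2011-1175 and CVE-2011-1174 stays a bare `- asterisk <unfixed>` with no bug reference, urgency or per-release line, although the new descriptions name specific affected branches (Asterisk Open Source 1.6.1.x before ...). Suggest adding a bug reference and, as the apache2 entry just above does with its `[lenny]` lines, a per-release status once the affected branches have been compared with the packaged versions.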
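Review bot: In the hunk at @@ -2318,8 +2321,7 @@, CVE-2011-0727 now carries {DSA-2205-1} and a description covering gdm 2.x before 2.32.1, while the package line still reads `- gdm3 <unfixed>`. Suggest checking whether a fixed version has been uploaded and, if so, replacing `<unfixed>` with that version so the entry does not stay open after the DSA.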