Author: joeyh Date: 2011-04-12 21:14:41 +0000 (Tue, 12 Apr 2011) New Revision: 16519 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2011-04-12 12:48:50 UTC (rev 16518) +++ data/CVE/list 2011-04-12 21:14:41 UTC (rev 16519) @@ -281,8 +281,8 @@ RESERVED CVE-2009-5066 RESERVED -CVE-2009-5065 - RESERVED +CVE-2009-5065 (Cross-site scripting (XSS) vulnerability in feedparser.py in Universal ...) + TODO: check CVE-2011-XXXX [drupal6-mod-tagadelic XSS] - drupal6-mod-tagadelic 1.3-1 (low) NOTE: DRUPAL-SA-CONTRIB-2011-013 @@ -475,8 +475,8 @@ RESERVED CVE-2011-1488 RESERVED -CVE-2011-1487 - RESERVED +CVE-2011-1487 (The (1) lc, (2) lcfirst, (3) uc, and (4) ucfirst functions in Perl ...) + TODO: check CVE-2011-1486 RESERVED CVE-2011-1485 @@ -725,9 +725,9 @@ RESERVED CVE-2011-1402 RESERVED -CVE-2011-1401 - RESERVED +CVE-2011-1401 (ikiwiki before 3.20110328 does not ascertain whether the htmlscrubber ...) {DSA-2214-1} + TODO: check CVE-2011-1400 (The default configuration of the shell_escape_commands directive in ...) {DSA-2198-1} - tex-common 2.09 
@@ -1331,20 +1331,17 @@ RESERVED CVE-2011-1159 RESERVED -CVE-2011-1158 [sanitizer doesn''t strip unsafe URI schemes] - RESERVED +CVE-2011-1158 (Cross-site scripting (XSS) vulnerability in feedparser.py in Universal ...) - feedparser 5.0.1-1 (low; bug #617998) [squeeze] - feedparser <no-dsa> (Minor issue) [lenny] - feedparser <no-dsa> (Minor issue) NOTE: https://code.google.com/p/feedparser/issues/detail?id=255 -CVE-2011-1157 [sanitization can be bypassed by malformed XML comments] - RESERVED +CVE-2011-1157 (Cross-site scripting (XSS) vulnerability in feedparser.py in Universal ...) - feedparser 5.0.1-1 (low; bug #617998) [squeeze] - feedparser <no-dsa> (Minor issue) [lenny] - feedparser <no-dsa> (Minor issue) NOTE: https://code.google.com/p/feedparser/issues/detail?id=254 -CVE-2011-1156 [invalid text in XML declaration causes sanitizer to crash] - RESERVED +CVE-2011-1156 (feedparser.py in Universal Feed Parser (aka feedparser or ...) - feedparser 5.0.1-1 (low; bug #617998) [squeeze] - feedparser <no-dsa> (Minor issue) [lenny] - feedparser <no-dsa> (Minor issue)
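Review bot: In the @@ -281,8 +281,8 hunk, CVE-2009-5065 is now described as an XSS in feedparser.py but is left at "TODO: check" with no package line. The feedparser entries in the @@ -1331,20 +1331,17 hunk already track the package as "- feedparser 5.0.1-1 (low; bug #617998)", so this entry should be triaged against the same source package rather than left untracked.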
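Review bot: In the @@ -475,8 +475,8 hunk, CVE-2011-1487 gains a description naming the Perl lc, lcfirst, uc and ucfirst functions, but the only line under it is "TODO: check". It needs a package line for Perl with a fixed version or a per-suite status before the TODO can be dropped.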
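Review bot: In the @@ -725,9 +725,9 hunk, CVE-2011-1401 ends up with both a {DSA-2214-1} cross-reference and a "TODO: check", and no package line. Since a DSA is already attached, add the ikiwiki package line and remove the TODO. The description gives 3.20110328 as the upstream version boundary, so confirm the fixed Debian version against that.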
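Review bot: In the @@ -1331,20 +1331,17 hunk, the removed bracketed summaries were the only text that told these entries apart: after the change, CVE-2011-1158 and CVE-2011-1157 carry the same truncated description, "Cross-site scripting (XSS) vulnerability in feedparser.py in Universal ...". Keep the detail as NOTE lines, for example "NOTE: sanitizer doesn't strip unsafe URI schemes" under CVE-2011-1158, and likewise for the malformed XML comment bypass (CVE-2011-1157) and the XML declaration crash (CVE-2011-1156).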