Moritz Muehlenhoff
2011-May-19 19:52 UTC
[Secure-testing-commits] r16691 - in data: CVE DSA
Author: jmm
Date: 2011-05-19 19:52:11 +0000 (Thu, 19 May 2011)
New Revision: 16691
Modified:
data/CVE/list
data/DSA/list
Log:
CVE assignments
Modified: data/CVE/list
==================================================================---
data/CVE/list 2011-05-19 16:53:14 UTC (rev 16690)
+++ data/CVE/list 2011-05-19 19:52:11 UTC (rev 16691)
@@ -449,16 +449,29 @@
RESERVED
CVE-2011-1936
RESERVED
-CVE-2011-1935
+CVE-2011-1935 [packet truncation in libpcap]
RESERVED
-CVE-2011-1934
+ - libpcap <unfixed> (low; bug #623868)
+ [squeeze] - libpcap <no-dsa> (Minor issue)
+ [lenny] - libpcap <no-dsa> (Minor issue)
+CVE-2011-1934 [lilo: lilo.conf world-readable]
RESERVED
+ - lilo 23.1-2 (low; bug #615103)
+ [squeeze] - lilo <not-affected> (Introduced in 23.1)
+ [lenny] - lilo <not-affected> (Introduced in 23.1)
CVE-2011-1933
RESERVED
-CVE-2011-1932
+ - libjifty-dbi-perl 0.68-1 (bug #622919)
+CVE-2011-1932 [directory traversal when receiving world data through a
multiplayer game]
RESERVED
-CVE-2011-1931
+ - widelands 1:15-3 (low; bug #617960)
+ [squeeze] - widelands <no-dsa> (Minor issue)
+ [lenny] - widelands <no-dsa> (Minor issue)
+CVE-2011-1931 [ffmpeg AMV out of array write]
RESERVED
+ - libav 4:0.6.2-3 (bug #624339)
+ - ffmpeg <unfixed>
+ - ffmpeg-debian <removed>
CVE-2011-1930
RESERVED
CVE-2011-1929
@@ -715,14 +728,6 @@
[squeeze] - spip 2.1.1-3squeeze1
CVE-2011-1827
RESERVED
-CVE-2011-XXXX [packet truncation in libpcap]
- - libpcap <unfixed> (low; bug #623868)
- [squeeze] - libpcap <no-dsa> (Minor issue)
- [lenny] - libpcap <no-dsa> (Minor issue)
-CVE-2011-XXXX [ffmpeg AMV out of array write]
- - libav 4:0.6.2-3 (bug #624339)
- - ffmpeg <unfixed>
- - ffmpeg-debian <removed>
CVE-2010-4801 (Directory traversal vulnerability in admin/updatelist.php in
BaconMap ...)
NOT-FOR-US: BaconMap
CVE-2010-4800 (SQL injection vulnerability in doadd.php in BaconMap 1.0 allows
remote ...)
@@ -1016,8 +1021,6 @@
NOT-FOR-US: Xymon
CVE-2009-5071 (Unspecified vulnerability in Palm Pre WebOS before 1.2.1 has
unknown ...)
NOT-FOR-US: Palm WebOS
-CVE-2011-XXXX
- - libjifty-dbi-perl 0.68-1 (bug #622919)
CVE-2011-1717 (Skype for Android stores sensitive user data without encryption
in ...)
NOT-FOR-US: Skype for Android
CVE-2011-1715 (Directory traversal vulnerability in ...)
@@ -2111,10 +2114,6 @@
NOT-FOR-US: Google ChromeOS
CVE-2011-XXXX [gmime segfault]
- gmime2.4 <unfixed> (bug #616366)
-CVE-2011-XXXX [directory traversal when receiving world data through a
multiplayer game]
- - widelands 1:15-3 (low; bug #617960)
- [squeeze] - widelands <no-dsa> (Minor issue)
- [lenny] - widelands <no-dsa> (Minor issue)
CVE-2011-1305 (Race condition in Google Chrome before 11.0.696.57 on Linux and
Mac OS ...)
- chromium-browser 11.0.696.65~r84435-1
- webkit <undetermined>
@@ -2771,10 +2770,6 @@
[squeeze] - python2.6 <no-dsa> (minor issue)
[lenny] - python2.6 <no-dsa> (minor issue)
TODO: are other python versions affected?
-CVE-2011-XXXX [lilo: lilo.conf world-readable]
- - lilo 23.1-2 (low; bug #615103)
- [squeeze] - lilo <not-affected> (Introduced in 23.1)
- [lenny] - lilo <not-affected> (Introduced in 23.1)
CVE-2011-1099 (Multiple directory traversal vulnerabilities in FocalMedia.Net
Quick ...)
NOT-FOR-US: FocalMedia.Net Quick Polls
CVE-2011-1098 (Race condition in the createOutputFile function in logrotate.c
in ...)
Modified: data/DSA/list
==================================================================---
data/DSA/list 2011-05-19 16:53:14 UTC (rev 16690)
+++ data/DSA/list 2011-05-19 19:52:11 UTC (rev 16691)
@@ -1,3 +1,5 @@
+[19 May 2011] DSA-2238-1 vino - several
+ {CVE-2011-0904 CVE-2011-0905 }
[15 May 2011] DSA-2237-1 apr - denial of service
{CVE-2011-0419}
[lenny] - apr 1.2.12-5+lenny3