Secure testing commits - May 2011 - r16731 - data/CVE

Author: gilbert-guest
Date: 2011-05-29 20:25:17 +0000 (Sun, 29 May 2011)
New Revision: 16731

Modified:
   data/CVE/list
Log:
record a bunch of bug reports

Modified: data/CVE/list
==================================================================---
data/CVE/list	2011-05-29 15:24:07 UTC (rev 16730)
+++ data/CVE/list	2011-05-29 20:25:17 UTC (rev 16731)
@@ -5,15 +5,15 @@
 CVE-2011-2163 (Unspecified vulnerability in Virtualization Manager 1.2.2 in IBM
...)
 	NOT-FOR-US: IBM Systems Director
 CVE-2011-2162 (Multiple unspecified vulnerabilities in FFmpeg 0.4.x through
0.6.x, as ...)
-	- libav <unfixed>
+	- libav <unfixed> (bug #628448)
 	- ffmpeg <unfixed>
 	- ffmpeg-debian <removed>
 CVE-2011-2161 (The ape_read_header function in ape.c in libavformat in FFmpeg
before ...)
-	- libav <unfixed>
+	- libav <unfixed> (bug #628448)
 	- ffmpeg <unfixed>
 	- ffmpeg-debian <removed>
 CVE-2011-2160 (The VC-1 decoding functionality in FFmpeg before 0.5.4, as used
in ...)
-	- libav <unfixed>
+	- libav <unfixed> (bug #628448)
 	- ffmpeg <unfixed>
 	- ffmpeg-debian <removed>
 CVE-2011-2159 (The SmarterTools SmarterStats 6.0 web server omits the
Content-Type ...)
@@ -41,7 +41,7 @@
 CVE-2011-2148 (Admin/frmSite.aspx in the SmarterTools SmarterStats 6.0 web
server ...)
 	NOT-FOR-US: SmarterStats
 CVE-2011-2147 (Openswan 2.2.x does not properly restrict permissions for (1)
...)
-	- openswan <unfixed> 
+	- openswan <unfixed>  (bug #628449)
 CVE-2011-2146
 	RESERVED
 CVE-2011-2145
@@ -1617,10 +1617,10 @@
 	- otrs2 2.4.10+dfsg1-1
 CVE-2011-1521 [python urllib]
 	RESERVED
-	- python3.1 <unfixed>
+	- python3.1 <unfixed> (bug #628453)
 	- python3.2 3.2-3
 	- python2.7 2.7.1-7
-	- python2.6 <unfixed>
+	- python2.6 <unfixed> (bug #628455)
 	- python2.5 <removed>
 	- python2.4 <removed>
 	NOTE: http://bugs.python.org/issue11662
@@ -3860,7 +3860,7 @@
 	RESERVED
 CVE-2011-0766 [Erlang OTP broken random number generator in SSH implementation]
 	RESERVED
-	- erlang <unfixed>
+	- erlang <unfixed> (bug #628456)
 	NOTE: http://www.kb.cert.org/vuls/id/178990
 	NOTE: https://github.com/erlang/otp/commit/f228601de45c5
 CVE-2011-0765 (Unspecified vulnerability in lft in pWhois Layer Four Traceroute
(LFT) ...)
@@ -5613,9 +5613,9 @@
 CVE-2011-0189 (The default configuration of Terminal in Apple Mac OS X 10.6
before ...)
 	NOT-FOR-US: Apple Mac OS
 CVE-2011-0188 (The VpMemAlloc function in bigdecimal.c in the BigDecimal class
in ...)
-	- ruby1.8 <unfixed>
-	- ruby1.9 <removed>
-	- ruby1.9.1 <unfixed>
+	- ruby1.8 <unfixed> (bug #628452)
+	- ruby1.9 <removed> (bug #628451)
+	- ruby1.9.1 <unfixed> (bug #682450)
 CVE-2011-0187 (The plug-in in QuickTime in Apple Mac OS X before 10.6.7 allows
remote ...)
 	NOT-FOR-US: Apple Mac OS
 CVE-2011-0186 (QuickTime in Apple Mac OS X before 10.6.7 allows remote
attackers to ...)