Author: jmm Date: 2011-06-30 16:32:36 +0000 (Thu, 30 Jun 2011) New Revision: 16867 Modified: data/CVE/list Log: glibc fixed new kernel issues new movabletype issues Modified: data/CVE/list ==================================================================--- data/CVE/list 2011-06-29 21:20:50 UTC (rev 16866) +++ data/CVE/list 2011-06-30 16:32:36 UTC (rev 16867) @@ -1,3 +1,5 @@ +CVE-2011-XXXX [unspecified security vulnerabilities from 4.3.7] + - movabletype-opensource 4.3.7+dfsg-1 (bug #631437) CVE-2011-2536 [AST-2011-011] - asterisk <unfixed> (bug #632029) CVE-2011-XXXX [pyro: pidfile in /tmp, opened insecurely] @@ -105,10 +107,13 @@ - linux-2.6 <unfixed> (low) CVE-2011-2493 RESERVED + - linux-2.6 2.6.39-1 (low) CVE-2011-2492 RESERVED + - linux-2.6 <unfixed> (low) CVE-2011-2491 RESERVED + - linux-2.6 <unfixed> CVE-2011-2490 [opie: missing setuid() retval check in opielogin] RESERVED - opie <unfixed> (bug #631345) @@ -128,7 +133,7 @@ RESERVED - gdk-pixbuf 2.23.3-3.1 (bug #631524) CVE-2011-2484 (The add_del_listener function in kernel/taskstats.c in the Linux ...) - TODO: check + - linux-2.6 <unfixed> (low) CVE-2011-2483 [openwall blowfish implementation weakness] RESERVED - libcrypt-eksblowfish-perl <not-affected> (discovered and corrected in initial release in 2007) @@ -2281,7 +2286,7 @@ CVE-2011-1660 (Multiple cross-site scripting (XSS) vulnerabilities in the ...) NOT-FOR-US: GrapeCity Data Dynamics Reports CVE-2011-1659 (Integer overflow in posix/fnmatch.c in the GNU C Library (aka glibc or ...) - - eglibc <unfixed> + - eglibc 2.13-8 - glibc <removed> NOTE: http://sourceware.org/git/?p=glibc.git;a=commitdiff;h=8126d90480fa CVE-2011-1658 (ld.so in the GNU C Library (aka glibc or libc6) 2.13 and earlier ...)