Author: jmm Date: 2011-07-04 07:28:33 +0000 (Mon, 04 Jul 2011) New Revision: 16886 Modified: data/CVE/list Log: asterisk fixed new groff issue unimportant, another groff issue CVEfied new firefox issue not affecting debian releases Modified: data/CVE/list ==================================================================--- data/CVE/list 2011-07-03 19:53:48 UTC (rev 16885) +++ data/CVE/list 2011-07-04 07:28:33 UTC (rev 16886) @@ -89,9 +89,11 @@ CVE-2011-2599 (Google Chrome 11 does not block use of a cross-domain image as a WebGL ...) TODO: check CVE-2011-2598 (The WebGL implementation in Mozilla Firefox 4.x allows remote ...) - TODO: check + - xulrunner <not-affected> (Only affects Firefox 4.0, not yet in unstable) + - iceweasel <not-affected> (Only affects Firefox 4.0, not yet in unstable) CVE-2009-5082 (The (1) configure and (2) config.guess scripts in GNU troff (aka ...) - TODO: check + - groff 1.20.1-5 (unimportant; bug #538338) + NOTE: Only exploitable during build CVE-2009-5081 (The (1) config.guess, (2) contrib/groffer/perl/groffer.pl, and (3) ...) TODO: check CVE-2009-5080 (The (1) contrib/eqn2graph/eqn2graph.sh, (2) ...) @@ -99,7 +101,9 @@ CVE-2009-5079 (The (1) gendef.sh, (2) doc/fixinfo.sh, and (3) ...) TODO: check CVE-2009-5078 (contrib/pdfmark/pdfroff.sh in GNU troff (aka groff) before 1.21 ...) - TODO: check + - groff 1.20.1-5 (low; bug #538338) + [etch] - groff <not-affected> (pdfroff not yet present) + [lenny] - groff <not-affected> (pdfroff not yet present) CVE-2011-2597 RESERVED CVE-2011-2596 @@ -226,7 +230,7 @@ - movabletype-opensource 4.3.7+dfsg-1 (bug #631437) CVE-2011-2536 [AST-2011-011] RESERVED - - asterisk <unfixed> (bug #632029) + - asterisk 1:1.8.4.4~dfsg-1 (bug #632029) CVE-2011-XXXX [pyro: pidfile in /tmp, opened insecurely] - pyro <unfixed> (bug #631912) CVE-2011-2534 (Buffer overflow in the clusterip_proc_write function in ...) @@ -26853,11 +26857,6 @@ [etch] - bugzilla <no-dsa> (minor issue) [lenny] - bugzilla <no-dsa> (minor issue) NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=495257 -CVE-2009-XXXX [groff: insecure usage of gs] - - groff 1.20.1-5 (low; bug #538338) - [etch] - groff <not-affected> (pdfroff not yet present) - [lenny] - groff <not-affected> (pdfroff not yet present) - NOTE: requested CVE ids CVE-2009-5044 (contrib/pdfmark/pdfroff.sh in GNU troff (aka groff) before 1.21 allows ...) - groff 1.20.1-5 (low; bug #538330) [etch] - groff <not-affected> (pdfroff not yet present)