thr3ads.net - Secure testing commits - [Secure-testing-commits] r17003

If this information is useful, please help other people find it:
Share via:

Moritz Muehlenhoff

2011-Jul-26 20:53 UTC

[Secure-testing-commits] r17003 - data/CVE

Author: jmm
Date: 2011-07-26 20:53:45 +0000 (Tue, 26 Jul 2011)
New Revision: 17003

Modified:
   data/CVE/list
Log:
- new kdeutils issue
- new glpi issue (unimportant)
- new busybox issue
- new systemtap issues
- NFUs


Modified: data/CVE/list
==================================================================---
data/CVE/list	2011-07-26 20:15:30 UTC (rev 17002)
+++ data/CVE/list	2011-07-26 20:53:45 UTC (rev 17003)
@@ -1,3 +1,5 @@
+CVE-2011-XXXX [ark directory traversal]
+	- kdeutils <unfixed> (bug #635541)
 CVE-2011-2883 (The NSEPA.NsepaCtrl.1 ActiveX control in nsepa.ocx in Citrix
Access ...)
 	NOT-FOR-US: Citrix Access Gateway
 CVE-2011-2882 (Stack-based buffer overflow in the NSEPA.NsepaCtrl.1 ActiveX
control ...)
@@ -327,8 +329,10 @@
 	RESERVED
 CVE-2011-2721
 	RESERVED
-CVE-2011-2720
+CVE-2011-2720 [glpi: Insufficient blacklist]
 	RESERVED
+	- glpi <unfixed> (unimportant)
+	NOTE: Only supported behind an authenticated HTTP zone
 CVE-2011-2719 [PMASA-2011-12 phpMyAdmin Possible superglobal and local
variables manipulation in swekey authentication.]
 	RESERVED
 	- phpmyadmin 4:3.4.3.2-1 (low)
@@ -340,18 +344,23 @@
 	[lenny] - phpmyadmin <not-affected> (Vulnerable code not present)
 CVE-2011-2717
 	RESERVED
+	NOT-FOR-US: udhcp6c
 CVE-2011-2716
 	RESERVED
+	- busybox <unfixed> (bug #635548)
 CVE-2011-2715
 	RESERVED
+	NOT-FOR-US: Drupal data module
 CVE-2011-2714
 	RESERVED
+	NOT-FOR-US: Drupal data module
 CVE-2011-2713
 	RESERVED
 CVE-2011-2712
 	RESERVED
 CVE-2011-2711
 	RESERVED
+	NOT-FOR-US: cgit
 CVE-2011-2710
 	RESERVED
 CVE-2011-2709
@@ -891,8 +900,10 @@
 	RESERVED
 CVE-2011-2503
 	RESERVED
+	- systemtap <unfixed> (bug #635542)
 CVE-2011-2502
 	RESERVED
+	- systemtap <unfixed> (bug #635542)
 CVE-2011-2501 (The png_format_buffer function in pngerror.c in libpng 1.0.x
before ...)
 	- libpng 1.2.44-3 (bug #632786)
 	[lenny] - libpng <no-dsa> (Minor issue)
@@ -1583,7 +1594,7 @@
 CVE-2011-2195
 	RESERVED
 CVE-2011-2193 (Multiple buffer overflows in Terascale Open-Source Resource and
Queue ...)
-	- torque 2.4.15+dfsg-1
+	- torque 2.4.15+dfsg-1 (bug #635342)
 CVE-2011-2192 (The Curl_input_negotiate function in http_negotiate.c in libcurl
...)
 	{DSA-2271-1}
 	- curl 7.21.6-2 (high; bug #631615)

Secure testing commits - Jul 2011 - r17003 - data/CVE

[Secure-testing-commits] r17003 - data/CVE