Author: jmm Date: 2011-08-23 21:16:02 +0000 (Tue, 23 Aug 2011) New Revision: 17113 Modified: data/CVE/list data/spu-candidates.txt Log: - pidgin CVEfied (not-affected, no-dsa) - new kernel issue - tcptrack fixed - mantis not affected in stable/oldstable Modified: data/CVE/list ==================================================================--- data/CVE/list 2011-08-23 08:06:06 UTC (rev 17112) +++ data/CVE/list 2011-08-23 21:16:02 UTC (rev 17113) @@ -1,5 +1,9 @@ CVE-2011-3265 (popup.php in Zabbix before 1.8.7 allows remote attackers to read the ...) TODO: check +CVE-2011-XXXX [mantis XSS] + - mantis 1.2.6-1 (bug #638321) + [squeeze] - mantis <not-affected> (Only affects Mantis 1.1) + [lenny] - mantis <not-affected> (Only affects Mantis 1.1) CVE-2011-3264 (Zabbix before 1.8.6 allows remote attackers to obtain sensitive ...) TODO: check CVE-2011-3263 (zabbix_agentd in Zabbix before 1.8.6 and 1.9.x before 1.9.4 allows ...) @@ -160,8 +164,11 @@ RESERVED CVE-2011-3185 RESERVED -CVE-2011-3184 + - pidgin <not-affected> (Windows-specific) +CVE-2011-3184 [pidgin MSN DoS] RESERVED + - pidgin 2.10.0-1 (low) + [squeeze] - pidgin <no-dsa> (Minor issue) CVE-2011-3183 RESERVED CVE-2011-3182 @@ -210,10 +217,6 @@ RESERVED CVE-2010-4815 RESERVED -CVE-2011-XXXX [pidgin MSN DoS] - - pidgin 2.10.0-1 -CVE-2011-XXXX [mantis XSS] - - mantis 1.2.6-1 (bug #638321) CVE-2011-3169 RESERVED CVE-2011-3168 @@ -813,6 +816,7 @@ RESERVED CVE-2011-2928 RESERVED + - linux-2.6 <unfixed> CVE-2011-2927 RESERVED CVE-2011-2926 @@ -872,7 +876,7 @@ TODO: check CVE-2011-2903 RESERVED - - tcptrack <unfixed> (unimportant; bug #551092) + - tcptrack 1.4.2-1 (unimportant; bug #551092) CVE-2011-2902 [xpdf: insecure tempfile usage] RESERVED - xpdf 3.02-19 (low; bug #635849) Modified: data/spu-candidates.txt ==================================================================--- data/spu-candidates.txt 2011-08-23 08:06:06 UTC (rev 17112) +++ data/spu-candidates.txt 2011-08-23 21:16:02 UTC (rev 17113) @@ -51,6 +51,9 @@ pidgin (CVE-2011-XXXX, CVE-2011-1091) http://www.pidgin.im/news/security/?id=50 +CVE-2011-3184 +http://developer.pidgin.im/viewmtn/revision/info/16af0661899a978b4fedc1c165965b85009013d1 + -- prosody (CVE-2011-2205)