Author: joeyh
Date: 2011-09-11 21:14:18 +0000 (Sun, 11 Sep 2011)
New Revision: 17212
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
==================================================================---
data/CVE/list 2011-09-11 17:22:24 UTC (rev 17211)
+++ data/CVE/list 2011-09-11 21:14:18 UTC (rev 17212)
@@ -433,6 +433,7 @@
CVE-2011-3206
RESERVED
CVE-2011-3205 (Buffer overflow in the gopherToHTML function in gopher.cc in the
...)
+ {DSA-2304-1}
- squid3 3.1.15-1 (low; bug #639755)
- squid <not-affected> (Only a buffer overflow in Squid 3, see
https://bugzilla.redhat.com/show_bug.cgi?id=734583#c4)
NOTE: http://www.squid-cache.org/Advisories/SQUID-2011_3.txt
@@ -1434,6 +1435,7 @@
- webkit <undetermined>
NOTE: http://trac.webkit.org/changeset/91611
CVE-2011-2818 (Use-after-free vulnerability in Google Chrome before
13.0.782.107 ...)
+ {DSA-2307-1}
- chromium-browser 13.0.782.107~r94237-1
- webkit <undetermined>
NOTE: http://trac.webkit.org/changeset/91386
@@ -1485,6 +1487,7 @@
- webkit <undetermined>
NOTE: http://trac.webkit.org/changeset/90936
CVE-2011-2800 (Google Chrome before 13.0.782.107 allows remote attackers to
obtain ...)
+ {DSA-2307-1}
- chromium-browser 13.0.782.107~r94237-1
- webkit <undetermined>
NOTE: http://trac.webkit.org/changeset/91044
@@ -2675,6 +2678,7 @@
- chromium-browser 13.0.782.107~r94237-1 (unimportant)
- webkit <not-affected> (chromium specific)
CVE-2011-2359 (Google Chrome before 13.0.782.107 does not properly track line
boxes ...)
+ {DSA-2307-1}
- chromium-browser 13.0.782.107~r94237-1
- webkit <undetermined>
NOTE: http://trac.webkit.org/changeset/90068
@@ -7280,7 +7284,7 @@
CVE-2011-0763
RESERVED
CVE-2011-0762 (The vsf_filename_passes_filter function in ls.c in vsftpd before
2.3.3 ...)
- {DSA-2304-1}
+ {DSA-2305-1}
- vsftpd 2.3.4-1 (bug #622741)
[squeeze] - vsftpd 2.3.2-3+squeeze3
[lenny] - vsftpd 2.0.7-1+lenny1
@@ -7411,10 +7415,12 @@
NOTE: https://bugs.launchpad.net/ubuntu/+source/italc/+bug/714864
NOTE:
https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-February/001245.html
CVE-2011-0723 (FFmpeg 0.5.x, as used in MPlayer and other products, allows
remote ...)
+ {DSA-2306-1}
- libav 4:0.6-1
- ffmpeg <unfixed>
- ffmpeg-debian <removed>
CVE-2011-0722 (FFmpeg before 0.5.4, as used in MPlayer and other products,
allows ...)
+ {DSA-2306-1}
- libav 4:0.6-1
- ffmpeg <unfixed>
- ffmpeg-debian <removed>
@@ -7683,7 +7689,7 @@
- ffmpeg-debian <not-affected> (issue introduced in 0.6.x series)
NOTE: recheck when 0.6.x gets uploaded
CVE-2010-4704 (libavcodec/vorbis_dec.c in the Vorbis decoder in FFmpeg 0.6.1
and ...)
- {DSA-2165-1}
+ {DSA-2306-1 DSA-2165-1}
- libav 4:0.6.2-1 (low; bug #611495)
- ffmpeg <removed> (low; bug #611495)
- ffmpeg-debian <removed> (low)
@@ -8071,6 +8077,7 @@
- chromium-browser <not-affected> (Chrome PDF plugin)
- webkit <not-affected> (Chrome PDF plugin)
CVE-2011-0480 (Multiple buffer overflows in vorbis_dec.c in the Vorbis decoder
in ...)
+ {DSA-2306-1}
- ffmpeg <not-affected> (webm not yet supported)
- ffmpeg-debian <not-affected> (webm not supported yet)
- libav 4:0.6.1-1 (bug #610550)
@@ -11553,6 +11560,7 @@
CVE-2010-3909 (Incomplete blacklist vulnerability in config.template.php in
vtiger ...)
NOT-FOR-US: vtiger CRM
CVE-2010-3908 (FFmpeg before 0.5.4, as used in MPlayer and other products,
allows ...)
+ {DSA-2306-1}
- libav 4:0.6-1
- ffmpeg <unfixed>
- ffmpeg-debian <removed>