Author: jmm Date: 2012-01-31 07:52:14 +0000 (Tue, 31 Jan 2012) New Revision: 18339 Modified: data/CVE/list data/next-point-update.txt Log: squeeze 6.0.4, part 3 Modified: data/CVE/list ==================================================================--- data/CVE/list 2012-01-31 07:46:07 UTC (rev 18338) +++ data/CVE/list 2012-01-31 07:52:14 UTC (rev 18339) @@ -3218,10 +3218,13 @@ [lenny] - linux-2.6 <not-affected> (Vulnerable code not present) CVE-2011-4603 (The silc_channel_message function in ops.c in the SILC protocol plugin ...) - pidgin 2.10.1-1 (low) + [squeeze] - pidgin 2.7.3-1+squeeze2 CVE-2011-4602 (The XMPP protocol plugin in libpurple in Pidgin before 2.10.1 does not ...) - pidgin 2.10.1-1 (low) + [squeeze] - pidgin 2.7.3-1+squeeze2 CVE-2011-4601 (family_feedbag.c in the oscar protocol plugin in libpurple in Pidgin ...) - pidgin 2.10.1-1 (low) + [squeeze] - pidgin 2.7.3-1+squeeze2 CVE-2011-4600 RESERVED CVE-2011-4599 @@ -4888,15 +4891,14 @@ CVE-2011-4029 RESERVED - xorg-server 2:1.11.1.901-2 (low) - [squeeze] - xorg-server <no-dsa> (Minor issue, will be fixed in a point update) + [squeeze] - xorg-server 2:1.7.7-14 [lenny] - xorg-server <no-dsa> (Minor issue) NOTE: http://cgit.freedesktop.org/xorg/xserver/commit/?id=b67581cf825940fdf52bf2e0af4330e695d724a4 NOTE: this has a poc now: http://vladz.devzero.fr/Xorg-CVE-2011-4029.txt - TODO: max impact is info disclosure, which tends to be treated w low urgency, but this allows reading of any file, e.g. /etc/shadow, so should urgency be higher? CVE-2011-4028 RESERVED - xorg-server 2:1.11.1.901-2 (low) - [squeeze] - xorg-server <no-dsa> (Minor issue, will be fixed in a point update) + [squeeze] - xorg-server 2:1.7.7-14 [lenny] - xorg-server <no-dsa> (Minor issue) NOTE: http://cgit.freedesktop.org/xorg/xserver/commit/?id=6ba44b91e37622ef8c146d8f2ac92d708a18ed34 CVE-2011-4027 @@ -6311,7 +6313,7 @@ - joomla <itp> (bug #571794) CVE-2011-3594 (The g_markup_escape_text function in the SILC protocol plug-in in ...) - pidgin 2.10.1-1 (unimportant) - NOTE: http://developer.pidgin.im/ticket/14636 + [squeeze] - pidgin 2.7.3-1+squeeze2 NOTE: relatively obscure client crash CVE-2011-3593 RESERVED @@ -6934,7 +6936,7 @@ [lenny] - php5 <not-affected> (Introduced in 5.3.7) CVE-2011-3378 (RPM 4.4.x through 4.9.x, probably before 4.9.1.2, allows remote ...) - rpm 4.9.1.2-1 (low; bug #645325) - [squeeze] - rpm <no-dsa> (rpm isn''t used a a package manager, very limited attack vector) + [squeeze] - rpm 4.8.1-6+squeeze1 [lenny] - rpm <no-dsa> (rpm isn''t used a a package manager, very limited attack vector) CVE-2011-3377 RESERVED @@ -7527,7 +7529,7 @@ CVE-2010-4818 [X.org multiple input sanitization flaws] RESERVED - xorg-server 2:1.9.99.902-1 - [squeeze] - xorg-server <no-dsa> (Minor issue, will be fixed in a point update) + [squeeze] - xorg-server 2:1.7.7-4 [lenny] - xorg-server <no-dsa> (Minor issue) NOTE: As per https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4818 three commits with theoretical sec impact: NOTE: http://cgit.freedesktop.org/xorg/xserver/commit/?id=6c69235a9dfc52e4b4e47630ff4bab1a820eb543 @@ -8316,7 +8318,7 @@ RESERVED - xpdf 3.02-19 (low; bug #635849) [lenny] - xpdf <no-dsa> (zxpdf script is indeed affected, but it''s not associated with pdf handling by default, so not a concern for remote abuse) - [squeeze] - xpdf <no-dsa> (zxpdf script is indeed affected, but it''s not associated with pdf handling by default, so not a concern for remote abuse) + [squeeze] - xpdf 3.02-12+squeeze1 CVE-2011-2901 Xen <= 3.3 DoS due to incorrect virtual address validation RESERVED - xen <not-affected> (Only affects Xen <= 3.3) @@ -11230,6 +11232,7 @@ NOT-FOR-US: Silverlight CVE-2011-1843 (Integer overflow in conf.c in Tinyproxy before 1.8.3 might allow ...) - tinyproxy 1.8.2-2 (unimportant; bug #627503) + [squeeze] - tinyproxy 1.8.2-1squeeze2 NOTE: Only exploitable through config files, which are under admin control CVE-2011-1842 (dbus_backend/lsd.py in the D-Bus backend in language-selector before ...) NOT-FOR-US: Ubuntu-specific language-selector package @@ -12038,7 +12041,7 @@ NOTE: "...code path in question is no longer reachable..." not sure when this was fixed CVE-2011-1575 (The STARTTLS implementation in ftp_parser.c in Pure-FTPd before 1.0.30 ...) - pure-ftpd 1.0.30-1 (low) - [squeeze] - pure-ftpd <no-dsa> (Will be fixed in stable point update) + [squeeze] - pure-ftpd 1.0.28-3+squeeze1 [lenny] - pure-ftpd <no-dsa> (Minor issue) CVE-2011-1574 (Stack-based buffer overflow in the ReadS3M method in load_s3m.cpp in ...) {DSA-2226-1} Modified: data/next-point-update.txt ==================================================================--- data/next-point-update.txt 2012-01-31 07:46:07 UTC (rev 18338) +++ data/next-point-update.txt 2012-01-31 07:52:14 UTC (rev 18339) @@ -1,25 +1,3 @@ -CVE-2011-4029 - [squeeze] - xorg-server 2:1.7.7-14 -CVE-2011-4028 - [squeeze] - xorg-server 2:1.7.7-14 -CVE-2010-4818 - [squeeze] - xorg-server 2:1.7.7-14 -CVE-2011-3378 - [squeeze] - rpm 4.8.1-6+squeeze1 -CVE-2011-2902 - [squeeze] - xpdf 3.02-12+squeeze1 -CVE-2011-1843 - [squeeze] - tinyproxy 1.8.2-1squeeze2 CVE-2011-4617 [squeeze] - python-virtualenv 1.4.9-3squeeze1 -CVE-2011-3594 - [squeeze] - pidgin 2.7.3-1+squeeze2 -CVE-2011-4601 - [squeeze] - pidgin 2.7.3-1+squeeze2 -CVE-2011-4602 - [squeeze] - pidgin 2.7.3-1+squeeze2 -CVE-2011-4603 - [squeeze] - pidgin 2.7.3-1+squeeze2 -CVE-2011-1575 - [squeeze] - pure-ftpd 1.0.28-3+squeeze1