Author: jmm Date: 2012-02-22 17:18:52 +0000 (Wed, 22 Feb 2012) New Revision: 18515 Modified: data/CVE/list Log: tremulous no-dsa -> contrib qemu-kvm -> not backportable DNS protocol flaws Modified: data/CVE/list ==================================================================--- data/CVE/list 2012-02-22 10:34:58 UTC (rev 18514) +++ data/CVE/list 2012-02-22 17:18:52 UTC (rev 18515) @@ -81,13 +81,13 @@ CVE-2012-1195 (Unrestricted file upload vulnerability in ...) TODO: check CVE-2012-1194 (The resolver in the DNS Server service in Microsoft Windows Server ...) - TODO: check + NOTE: DNS protocol flaw CVE-2012-1193 (The resolver in PowerDNS Recursor (aka pdns_recursor) 3.3 overwrites ...) - TODO: check + NOTE: DNS protocol flaw CVE-2012-1192 (The resolver in Unbound before 1.4.11 overwrites cached server names ...) - TODO: check + NOTE: DNS protocol flaw CVE-2012-1191 (The resolver in dnscache in Daniel J. Bernstein djbdns 1.05 overwrites ...) - TODO: check + NOTE: DNS protocol flaw CVE-2011-5081 (Cross-site scripting (XSS) vulnerability in RestoreFile.pm in BackupPC ...) TODO: check CVE-2012-0869 [F*X XSS issues via various HTTP parameters in fup] @@ -7869,6 +7869,7 @@ CVE-2011-3346 RESERVED - qemu-kvm 0.15.1+dfsg-1 (bug #646118) + [squeeze] - qemu-kvm <no-dsa> (SCSI support in 0.12 generally broken, no complete fix other than updating to 0.15) CVE-2011-3345 (ulp/sdp/sdp_proc.c in the ib_sdp module (aka ib_sdp.ko) in the ...) - ofa-kernel <itp> (bug #541849) CVE-2011-3344 @@ -87706,6 +87707,7 @@ NOT-FOR-US: PHP Pro Publish CVE-2006-2875 (Stack-based buffer overflow in the CL_ParseDownload function of Quake ...) - tremulous <unfixed> (bug #660830) + [squeeze] - tremulous <no-dsa> (Contrib not supported) - ioquake3 1.36+svn1788j-1 CVE-2006-2874 (Unspecified vulnerability in OSADS Alliance Database before 1.4 has ...) NOT-FOR-US: OSADS @@ -89225,6 +89227,7 @@ - awstats 6.5-2 (bug #365909; bug #365910; medium) CVE-2006-2236 (Buffer overflow in the Quake 3 Engine, as used by (1) ET 2.60, (2) ...) - tremulous <unfixed> (bug #660827) + [squeeze] - tremulous <no-dsa> (Contrib not supported) - ioquake3 1.36+svn1788j-1 CVE-2006-2235 (CodeMunkyX (aka free-php.net) Simple Poll 1.0, when authentication is ...) NOT-FOR-US: Simple Poll