diff options
author | Moritz Muehlenhoff <jmm@debian.org> | 2010-11-01 18:49:59 +0000 |
---|---|---|
committer | Moritz Muehlenhoff <jmm@debian.org> | 2010-11-01 18:49:59 +0000 |
commit | 91c2f9e3bd68a9ecbb103395290de8d9abf3addf (patch) | |
tree | 3640823d6925bcaa7f84624ea3ffd755c4c80987 | |
parent | f47b2b73edbe5cc7c16ddf00012bdb33c53bfb96 (diff) |
- new weborf issue, mark package as problematic
- mailscanner no-dsa/unimportant
- vdr, magic++, teamspeak-server fixed
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@15544 e39458fd-73e7-0310-bf30-c45bca0a0e42
-rw-r--r-- | data/CVE/list | 11 | ||||
-rw-r--r-- | data/problematic-packages | 5 |
2 files changed, 12 insertions, 4 deletions
diff --git a/data/CVE/list b/data/CVE/list index f1e49a1bb9..e6e7696c02 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -1,5 +1,7 @@ CVE-2010-4121 (** DISPUTED ** The TCP-to-ODBC gateway in IBM Tivoli Provisioning ...) TODO: check +CVE-2010-XXXX + - weborf 0.12.4-1 CVE-2010-4120 (Multiple cross-site scripting (XSS) vulnerabilities in the TAM console ...) TODO: check CVE-2010-4119 @@ -1808,7 +1810,7 @@ CVE-2010-3395 CVE-2010-3394 (The (1) texmacs and (2) tm_mupad_help scripts in TeXmacs 1.0.7.4 place ...) - texmacs 1:1.0.7.4-3 (bug #598424) CVE-2010-3393 (magics-config in Magics++ 2.10.0 places a zero-length directory name ...) - - magics++ <unfixed> (bug #598418) + - magics++ 2.10.0.dfsg-5.1 (bug #598418) CVE-2010-3392 RESERVED CVE-2010-3391 @@ -1820,7 +1822,7 @@ CVE-2010-3389 (The (1) SAPDatabase and (2) SAPInstance scripts in OCF Resource A CVE-2010-3388 RESERVED CVE-2010-3387 (** DISPUTED ** ...) - - vdr <unfixed> (unimportant; bug #598308) + - vdr 1.6.0-19.1 (unimportant; bug #598308) NOTE: Only affects a debugging tool, see bug #598308 CVE-2010-3386 (usttrace in LTTng Userspace Tracer (aka UST) 0.7 places a zero-length ...) - ust 0.7-2.1 (bug #598309) @@ -1833,7 +1835,7 @@ CVE-2010-3384 (The (1) torcs, (2) nfsperf, (3) accc, (4) texmapper, (5) trackgen CVE-2010-3383 (The (1) teamspeak and (2) teamspeak-server scripts in TeamSpeak 2.0.32 ...) - teamspeak-client <unfixed> (low; bug #598304) [lenny] - teamspeak-client <no-dsa> (Non-free not supported) - - teamspeak-server <unfixed> (low; bug #598305) + - teamspeak-server 2.0.24.1+debian-1.1 (low; bug #598305) [lenny] - teamspeak-server <no-dsa> (Non-free not supported) CVE-2010-3382 (tauex in Tuning and Analysis Utilities (TAU) 2.16.4 places a ...) - tau 2.16.4-1.4 (bug #598303) @@ -2081,11 +2083,12 @@ CVE-2010-3294 (Cross-site scripting (XSS) vulnerability in apc.php in the Altern NOTE: and is distributed gzip-compressed CVE-2010-3293 [mailscanner virus updates DoS] RESERVED - - mailscanner <unfixed> (bug #596397; low) + - mailscanner <unfixed> (bug #596397; unimportant) NOTE: or even unimportant, the script is not used by default CVE-2010-3292 [mailscanner may use spoofed data] RESERVED - mailscanner <unfixed> (bug #596396; low) + [squeeze] - mailscanner <no-dsa> (Minor issue) CVE-2010-3278 REJECTED CVE-2010-3277 (The installer in VMware Workstation 7.x before 7.1.2 build 301548 and ...) diff --git a/data/problematic-packages b/data/problematic-packages index 5fd3156626..a140e4f02b 100644 --- a/data/problematic-packages +++ b/data/problematic-packages @@ -15,3 +15,8 @@ pinged maintainer on 2009-11-29, maintainer reacted promptly libmikmod (Mar 2010) maintainer seems MIA, latest upload in 2004 + +-- + +weborf (Nov 2010) +Every new upstream fixes new vulnerabilities, dropped from Squeeze
\ No newline at end of file |