author Joey Hess <joeyh@debian.org> 2010-02-15 21:14:57 +0000
committer Joey Hess <joeyh@debian.org> 2010-02-15 21:14:57 +0000
commit a62dffb52c019bd132c5e8d385c6aff7e68b5956 (patch)
tree 178a2980eb568f60dcfb6bff0af4bc5c99ffc3b9
parent 6b43abfaddf74fc78d86039b19fc97a16beb9228 (diff)
automatic update
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@14103 e39458fd-73e7-0310-bf30-c45bca0a0e42
-rw-r--r-- data/CVE/2001.list 4
-rw-r--r-- data/CVE/2009.list 3
-rw-r--r-- data/CVE/2010.list 35
3 files changed, 21 insertions, 21 deletions
diff --git a/data/CVE/2001.list b/data/CVE/2001.list
index 4544222043..7df6c3086d 100644
--- a/data/CVE/2001.list
+++ b/data/CVE/2001.list
@@ -1,5 +1,5 @@
-CVE-2001-1586
- RESERVED
+CVE-2001-1586 (Directory traversal vulnerability in SimpleServer:WWW 1.13 and earlier ...)
+ NOT-FOR-US: Data pre-dating the Security Tracker
CVE-2001-1585 (SSH protocol 2 (aka SSH-2) public key authentication in the ...)
- openssh <not-affected> (fixed in 2001)
CVE-2001-1584 (CardBoard 2.4 greeting card CGI by Michael Barretto allows remote ...)
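Review bot: the reason on the new CVE-2001-1586 entry, `NOT-FOR-US: Data pre-dating the Security Tracker`, describes the age of the data rather than the product, unlike the NOT-FOR-US lines elsewhere in this commit, which name what was ruled out (for example `NOT-FOR-US: Citrix XenServer`). Consider naming SimpleServer:WWW in the reason so a later search for the product finds the triage decision.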
diff --git a/data/CVE/2009.list b/data/CVE/2009.list
index e6e66b546c..b22461d80d 100644
--- a/data/CVE/2009.list
+++ b/data/CVE/2009.list
@@ -858,8 +858,7 @@ CVE-2009-4276
RESERVED
CVE-2009-4275
RESERVED
-CVE-2009-4274 [stack-based buffer overflow in netpbm's XPM reader]
- RESERVED
+CVE-2009-4274 (Stack-based buffer overflow in converter/ppm/xpmtoppm.c in netpbm ...)
- netpbm-free <unfixed> (medium; bug #569060)
CVE-2009-4273 (stap-server in SystemTap before 1.1 allows remote attackers to execute ...)
- systemtap 1.1-1
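Review bot: CVE-2009-4274 stays at `- netpbm-free <unfixed> (medium; bug #569060)` with no per-release lines, so now that the ID is no longer RESERVED the entry still does not say whether released suites are affected or will get a DSA. Other entries in this commit record that status (for example `[lenny] - couchdb <no-dsa> (...)`); add the equivalent here once it has been triaged.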
diff --git a/data/CVE/2010.list b/data/CVE/2010.list
index e35b95f08b..2d6ef12ee3 100644
--- a/data/CVE/2010.list
+++ b/data/CVE/2010.list
@@ -1,21 +1,27 @@
+CVE-2010-0634 (Unspecified vulnerability in Fast Lexical Analyzer Generator (flex) ...)
+ TODO: check
+CVE-2010-0629
+ RESERVED
+CVE-2010-0628
+ RESERVED
CVE-2010-XXXX [CouchDB: browser interface has XSS, CSRF issues]
- couchdb <unfixed> (bug #570013)
[lenny] - couchdb <no-dsa> (does not support authentication at all)
NOTE: http://mail-archives.apache.org/mod_mbox/couchdb-dev/201002.mbox/%3C87bpfz5t39.fsf@mid.deneb.enyo.de%3E
NOTE: http://www.openwall.com/lists/oss-security/2010/02/15/5
-CVE-2010-0637
+CVE-2010-0637 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
TODO: check, webcalendar is in the archive
-CVE-2010-0636
+CVE-2010-0636 (Multiple cross-site scripting (XSS) vulnerabilities in WebCalendar ...)
TODO: check, webcalendar is in the archive
-CVE-2010-0635
+CVE-2010-0635 (SQL injection vulnerability in the plgSearchEventsearch::onSearch ...)
NOT-FOR-US: JEvents Search plugin for Joomla!
-CVE-2010-0633
+CVE-2010-0633 (Unspecified vulnerability in Citrix XenServer 5.0 Update 3 and ...)
NOT-FOR-US: Citrix XenServer
-CVE-2010-0632
+CVE-2010-0632 (SQL injection vulnerability in the Parkview Consultants SimpleFAQ ...)
NOT-FOR-US: Parkview Consultants SimpleFAQ component for Joomla!
-CVE-2010-0631
+CVE-2010-0631 (Multiple SQL injection vulnerabilities in index.php in Eicra Car ...)
NOT-FOR-US: Eicra Car Rental-Script
-CVE-2010-0630
+CVE-2010-0630 (SQL injection vulnerability in viewjokes.php in Evernew Free Joke ...)
NOT-FOR-US: Evernew Free Joke Script
CVE-2010-0627
RESERVED
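Review bot: the new CVE-2010-0634 entry at the top of this hunk carries a bare `TODO: check`, while the WebCalendar entries a few lines below record what is already known (`TODO: check, webcalendar is in the archive`). If flex is packaged, say so in the TODO in the same way, so the entry is not read as one more third-party product among the NOT-FOR-US lines that follow.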
@@ -410,8 +416,7 @@ CVE-2010-0448
RESERVED
CVE-2010-0447
RESERVED
-CVE-2010-0446
- RESERVED
+CVE-2010-0446 (Unspecified vulnerability on the HP DreamScreen 100 and 130 with ...)
NOT-FOR-US: HP DreamScreen
CVE-2010-0445 (Unspecified vulnerability in HP Network Node Manager (NNM) 8.10, 8.11, ...)
NOT-FOR-US: HP Network Node Manager
@@ -784,8 +789,7 @@ CVE-2010-XXXX [zenoss sql injection]
CVE-2010-XXXX [zenoss csrf]
- zenoss <itp> (bug #361253)
NOTE: http://seclists.org/fulldisclosure/2010/Jan/296
-CVE-2010-0309 [linux kvm pit_ioport_read() DoS]
- RESERVED
+CVE-2010-0309 (The pit_ioport_read function in the Programmable Interval Timer (PIT) ...)
{DSA-1996-1}
- linux-2.6 2.6.32-8
[etch] - linux-2.6 <not-affected> (kvm introduced in 2.6.25)
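Review bot: replacing `CVE-2010-0309 [linux kvm pit_ioport_read() DoS]` drops the impact from the entry, because the imported description is cut off at `(PIT) ...` before it says what the flaw allows. A short `NOTE:` line keeping the DoS classification would preserve what the hand-written summary recorded.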
@@ -802,8 +806,7 @@ CVE-2010-0307 [denial-of-service on amd64]
{DSA-1996-1}
- linux-2.6 2.6.32-8
- linux-2.6.24 <removed>
-CVE-2010-0306 [kvm privilege escalation]
- RESERVED
+CVE-2010-0306 (The x86 emulator in KVM 83, when a guest is configured for Symmetric ...)
{DSA-1996-1}
- linux-2.6 2.6.32-8
[etch] - linux-2.6 <not-affected> (kvm introduced in 2.6.25)
@@ -830,15 +833,13 @@ CVE-2010-0299 [unrestrictive permissions for devtmpfs root directory could lead
RESERVED
- linux-2.6 <unfixed>
- linux-2.6.24 <removed>
-CVE-2010-0298 [kvm privilege escalation]
- RESERVED
+CVE-2010-0298 (The x86 emulator in KVM 83 does not use the Current Privilege Level ...)
{DSA-1996-1}
- linux-2.6 2.6.32-8
[etch] - linux-2.6 <not-affected> (kvm introduced in 2.6.25)
- linux-2.6.24 <not-affected> (kvm introduced in 2.6.25)
- kvm <removed>
-CVE-2010-0297 [kvm userspace usb-linux.c buffer overflow]
- RESERVED
+CVE-2010-0297 (Buffer overflow in the usb_host_handle_control function in the USB ...)
- qemu-kvm 0.11.1+dfsg-1
- kvm <removed>
CVE-2010-0296
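Review bot: CVE-2010-0297 at the end of this hunk has only `- qemu-kvm 0.11.1+dfsg-1` and `- kvm <removed>`, with no DSA reference and no per-release lines, whereas CVE-2010-0298 just above it carries `{DSA-1996-1}` and an `[etch]` status. Worth confirming whether released versions were affected by the usb_host_handle_control overflow and recording the result here.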
