Ubuntu CVE Tracker

Merge lp:~ari-tczew/ubuntu-cve-tracker/updates into lp:~ubuntu-security/ubuntu-cve-tracker/master

  1. updates
  2. Merge into master
Proposed by Artur Rona
Status: Merged
Merged at revision: 2948
Proposed branch: lp:~ari-tczew/ubuntu-cve-tracker/updates
Merge into: lp:~ubuntu-security/ubuntu-cve-tracker/master
Diff against target: 100 lines (+15/-12)
6 files modified
active/CVE-2009-2762 (+6/-4)
active/CVE-2009-3622 (+1/-0)
active/CVE-2010-0004 (+3/-3)
active/CVE-2010-0005 (+3/-3)
active/CVE-2010-0132 (+1/-1)
active/CVE-2010-0682 (+1/-1)
To merge this branch: bzr merge lp:~ari-tczew/ubuntu-cve-tracker/updates
Reviewer Review Type Date Requested Status
Ubuntu Security Team Pending
Review via email: mp+33629@code.launchpad.net
To post a comment you must log in.
lp:~ari-tczew/ubuntu-cve-tracker/updates updated
2947. By Marc Deslauriers

- retire tomcat6 and moin CVEs with USNs

2948. By Steve Beattie

Merge from Artur Rona: update wordpress and viewvc CVEs. Thanks Artur!

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'active/CVE-2009-2762'
2--- active/CVE-2009-2762 2010-04-29 18:36:33 +0000
3+++ active/CVE-2009-2762 2010-08-25 12:55:58 +0000
4@@ -9,17 +9,19 @@
5 which bypasses a check that assumes that $key is not an array.
6 Ubuntu-Description:
7 Notes:
8+ ari-tczew> Exploit: http://www.securityfocus.com/bid/36014/exploit
9 Bugs:
10 Priority: medium
11 Discovered-by:
12 Assigned-to:
13
14 Patches_wordpress:
15-upstream_wordpress: needs-triage
16+ http://core.trac.wordpress.org/changeset/11798
17+upstream_wordpress: released (2.8.4)
18 dapper_wordpress: ignored (reached end-of-life)
19 hardy_wordpress: needed
20 intrepid_wordpress: needed (reached end-of-life)
21 jaunty_wordpress: needed
22-karmic_wordpress: needed
23-lucid_wordpress: needed
24-devel_wordpress: needed
25+karmic_wordpress: not-affected (2.8.4-1ubuntu1)
26+lucid_wordpress: not-affected (2.8.4-1ubuntu1)
27+devel_wordpress: not-affected (2.8.4-1ubuntu1)
28
29=== modified file 'active/CVE-2009-3622'
30--- active/CVE-2009-3622 2010-04-29 18:36:33 +0000
31+++ active/CVE-2009-3622 2010-08-25 12:55:58 +0000
32@@ -10,6 +10,7 @@
33 related to the mb_convert_encoding function in PHP.
34 Ubuntu-Description:
35 Notes:
36+ ari-tczew> Exploit: http://codes.zerial.org/php/wp-trackbacks_dos.phps
37 Bugs:
38 Priority: medium
39 Discovered-by:
40
41=== modified file 'active/CVE-2010-0004'
42--- active/CVE-2010-0004 2010-04-29 18:36:33 +0000
43+++ active/CVE-2010-0004 2010-08-25 12:55:58 +0000
44@@ -14,11 +14,11 @@
45 Assigned-to:
46
47 Patches_viewvc:
48-upstream_viewvc: needs-triage
49+upstream_viewvc: released (1.1.3)
50 dapper_viewvc: DNE
51 hardy_viewvc: needs-triage
52 intrepid_viewvc: needs-triage (reached end-of-life)
53 jaunty_viewvc: needs-triage
54 karmic_viewvc: needs-triage
55-lucid_viewvc: needs-triage
56-devel_viewvc: needs-triage
57+lucid_viewvc: needed
58+devel_viewvc: not-affected (1.1.5-1)
59
60=== modified file 'active/CVE-2010-0005'
61--- active/CVE-2010-0005 2010-04-29 18:36:33 +0000
62+++ active/CVE-2010-0005 2010-08-25 12:55:58 +0000
63@@ -15,11 +15,11 @@
64 Assigned-to:
65
66 Patches_viewvc:
67-upstream_viewvc: needs-triage
68+upstream_viewvc: released (1.1.3)
69 dapper_viewvc: DNE
70 hardy_viewvc: needs-triage
71 intrepid_viewvc: needs-triage (reached end-of-life)
72 jaunty_viewvc: needs-triage
73 karmic_viewvc: needs-triage
74-lucid_viewvc: needs-triage
75-devel_viewvc: needs-triage
76+lucid_viewvc: needed
77+devel_viewvc: not-affected (1.1.5-1)
78
79=== modified file 'active/CVE-2010-0132'
80--- active/CVE-2010-0132 2010-04-29 18:36:33 +0000
81+++ active/CVE-2010-0132 2010-08-25 12:55:58 +0000
82@@ -22,4 +22,4 @@
83 jaunty_viewvc: needed
84 karmic_viewvc: needed
85 lucid_viewvc: needed
86-devel_viewvc: needed
87+devel_viewvc: not-affected (1.1.5-1)
88
89=== modified file 'active/CVE-2010-0682'
90--- active/CVE-2010-0682 2010-08-22 16:44:28 +0000
91+++ active/CVE-2010-0682 2010-08-25 12:55:58 +0000
92@@ -15,7 +15,7 @@
93 Patches_wordpress:
94 https://core.trac.wordpress.org/changeset/13117
95 https://core.trac.wordpress.org/changeset/13118
96-upstream_wordpress: needs-triage
97+upstream_wordpress: released (2.9.2)
98 dapper_wordpress: ignored (reached end-of-life)
99 hardy_wordpress: needs-triage
100 intrepid_wordpress: needs-triage (reached end-of-life)