[Secure-testing-commits] r17808 - data/CVE

Michael Gilbert Fri, 16 Dec 2011 15:13:51 -0800

Author: gilbert-guest
Date: 2011-12-16 23:13:42 +0000 (Fri, 16 Dec 2011)
New Revision: 17808


Modified:
   data/CVE/list
Log:
xorg updates

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2011-12-16 21:14:23 UTC (rev 17807)
+++ data/CVE/list       2011-12-16 23:13:42 UTC (rev 17808)
@@ -917,8 +917,14 @@
        RESERVED
 CVE-2011-4613 [X launcher permission bypass]
        RESERVED
-       - xorg <unfixed> (bug #652249)
+       - xorg 1:7.6+10 (low; bug #652249)
+       [squeeze] - xorg <no-dsa> (an exposure that needs to be combined with 
other vulnerabilities to have any impact)
        [lenny] - xorg <not-affected> (Introduced in 1:7.4~4)
+CVE-2011-XXXX [X launcher doesn't drop group privileges]
+       - xorg 1:7.6+10 (low)
+       [squeeze] - xorg <no-dsa> (potential privilege handling weakness, no 
known attack vector)
+       [lenny] - xorg <no-dsa> (potential privilege handling weakness, no 
known attack vector)
+       NOTE: 
http://anonscm.debian.org/gitweb/?p=pkg-xorg/debian/xorg.git;a=commitdiff;h=e81b3943be75ca6674867fc7756905490e979522
 CVE-2011-4612
        RESERVED
 CVE-2011-4611


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r17808 - data/CVE

Reply via email to