[Secure-testing-commits] r18271 - data/CVE

Tue, 24 Jan 2012 07:58:48 -0800 

Author: jmm
Date: 2012-01-24 15:58:40 +0000 (Tue, 24 Jan 2012)
New Revision: 18271

Modified:
   data/CVE/list
Log:
bind fixed
rewrite two older 9.8-only issues


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2012-01-24 15:21:28 UTC (rev 18270)
+++ data/CVE/list       2012-01-24 15:58:40 UTC (rev 18271)
@@ -3892,8 +3892,7 @@
        RESERVED
 CVE-2011-4313 (query.c in ISC BIND 9.0.x through 9.6.x, 9.4-ESV through 
9.4-ESV-R5, ...)
        {DSA-2347-1}
-       - bind9 <unfixed> (high; bug #649099)
-       NOTE: http://www.isc.org/software/bind/advisories/cve-2011-4313
+       - bind9 1:9.8.1.dfsg.P1-1 (high; bug #649099)
 CVE-2011-4312 (Multiple cross-site scripting (XSS) vulnerabilities in the 
commenting ...)
        NOT-FOR-US: Review Board
 CVE-2011-4311 (ResourceSpace before 4.2.2833 does not properly validate access 
keys, ...)
@@ -9499,7 +9498,9 @@
 CVE-2011-2466
        RESERVED
 CVE-2011-2465 (Unspecified vulnerability in ISC BIND 9 9.8.0, 9.8.0-P1, 
9.8.0-P2, and ...)
-       - bind9 <not-affected> (Only affects 9.8, which hasn't been uploaded 
yet)
+       - bind9 1:9.8.1.dfsg.P1-1
+       [squeeze] - bind9 <not-affected> (Only affects 9.8)
+       [lenny] - bind9 <not-affected> (Only affects 9.8)
 CVE-2011-2464 (Unspecified vulnerability in ISC BIND 9 9.6.x before 
9.6-ESV-R4-P3, ...)
        {DSA-2272-1}
        - bind9 1:9.8.1.dfsg-1 (high)
@@ -11046,8 +11047,9 @@
        [squeeze] - fglrx-driver <no-dsa> (Non-free not supported)
        [lenny] - fglrx-driver <no-dsa> (Non-free not supported)
 CVE-2011-1907 (ISC BIND 9.8.x before 9.8.0-P1, when Response Policy Zones 
(RPZ) RRset ...)
-       - bind9 <not-affected> (Only affects 9.8.0, never uploaded to the 
archive)
-       NOTE: https://www.isc.org/CVE-2011-1907
+       - bind9 1:9.8.1.dfsg.P1-1
+       [squeeze] - bind9 <not-affected> (Only affects 9.8.0)
+       [lenny] - bind9 <not-affected> (Only affects 9.8.0)
 CVE-2011-1765 (Cross-site scripting (XSS) vulnerability in MediaWiki before 
1.16.5, ...)
        - mediawiki <not-affected> (Incomplete fix was never released for 
Debian, neither in sid, nor oldstable/stable)
        NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=28534


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to