Author: nion
Date: 2012-02-23 16:55:10 +0000 (Thu, 23 Feb 2012)
New Revision: 18524
Modified:
data/CVE/list
data/spu-candidates.txt
Log:
- NFUs
- new backuppc issue (CVE-2011-5081) - no-dsa
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-02-23 09:58:47 UTC (rev 18523)
+++ data/CVE/list 2012-02-23 16:55:10 UTC (rev 18524)
@@ -1,7 +1,7 @@
CVE-2012-1257
RESERVED
CVE-2012-1256 (The single sign-on (SSO) implementation in EasyVista before ...)
- TODO: check
+ NOT-FOR-US: EasyVista
CVE-2012-1255
RESERVED
CVE-2012-1254
@@ -115,9 +115,9 @@
CVE-2012-1200 (Multiple PHP remote file inclusion vulnerabilities in Nova CMS
allow ...)
NOT-FOR-US: Nova CMS
CVE-2012-1199 (Multiple PHP remote file inclusion vulnerabilities in Basic
Analysis ...)
- TODO: check
+ NOT-FOR-US: Basic Analysis
CVE-2012-1198 (base_ag_main.php in Basic Analysis and Security Engine (BASE)
1.4.5 ...)
- TODO: check
+ NOT-FOR-US: Basic Analysis and Security Engine
CVE-2012-1197 (Integer overflow in the IDE_ACDStd.apl module for ACDSee 14.1
Build ...)
NOT-FOR-US: ACDSee
CVE-2012-1196 (Directory traversal vulnerability in the VulCore web service
...)
@@ -133,7 +133,9 @@
CVE-2012-1191 (The resolver in dnscache in Daniel J. Bernstein djbdns 1.05
overwrites ...)
NOTE: DNS protocol flaw
CVE-2011-5081 (Cross-site scripting (XSS) vulnerability in RestoreFile.pm in
BackupPC ...)
- TODO: check
+ - backuppc <unfixed> (low; bug #661011)
+ [squeeze] - backuppc <no-dsa> (Minor issue)
+ [lenny] - backuppc <no-dsa> (Minor issue)
CVE-2012-0869 [F*X XSS issues via various HTTP parameters in fup]
RESERVED
{DSA-2414-1}
@@ -2143,7 +2145,7 @@
CVE-2012-0316
RESERVED
CVE-2012-0315 (Untrusted search path vulnerability in ALFTP before 5.31 allows
local ...)
- TODO: check
+ NOT-FOR-US: ALFTP
CVE-2012-0314 (Multiple cross-site request forgery (CSRF) vulnerabilities on
the ...)
NOT-FOR-US: eAccess Pocket WiFi
CVE-2012-0313 (Cross-site scripting (XSS) vulnerability in glucose 2 before
stage 6.2 ...)
@@ -2191,7 +2193,7 @@
CVE-2012-0292
RESERVED
CVE-2012-0291 (Symantec pcAnywhere through 12.5.3, Altiris IT Management Suite
...)
- TODO: check
+ NOT-FOR-US: pcAnywhere
CVE-2012-0290 (Symantec pcAnywhere through 12.5.3, Altiris IT Management Suite
...)
NOT-FOR-US: Symantec pcAnywhere
CVE-2012-0289
@@ -2785,7 +2787,7 @@
CVE-2012-0224 (Untrusted search path vulnerability in 7-Technologies (7T)
AQUIS 1.5 ...)
NOT-FOR-US: 7-Technologies (7T) AQUIS
CVE-2012-0223 (Untrusted search path vulnerability in 7-Technologies (7T)
TERMIS 2.10 ...)
- TODO: check
+ NOT-FOR-US: TERMIS
CVE-2012-0222
RESERVED
CVE-2012-0221
Modified: data/spu-candidates.txt
===================================================================
--- data/spu-candidates.txt 2012-02-23 09:58:47 UTC (rev 18523)
+++ data/spu-candidates.txt 2012-02-23 16:55:10 UTC (rev 18524)
@@ -315,4 +315,8 @@
systemtap (CVE-2012-0875)
+--
+backuppc (CVE-2011-5081)
+
+
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
