Author: joeyh
Date: 2012-04-04 21:15:20 +0000 (Wed, 04 Apr 2012)
New Revision: 18829

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2012-04-04 19:59:07 UTC (rev 18828)
+++ data/CVE/list       2012-04-04 21:15:20 UTC (rev 18829)
@@ -1,3 +1,9 @@
+CVE-2012-2055 (GitHub Enterprise before 20120304 does not properly restrict 
the use ...)
+       TODO: check
+CVE-2012-2054 (Redmine before 1.3.2 does not properly restrict the use of a 
hash to ...)
+       TODO: check
+CVE-2012-2053 (The sudoers file in the Linux system configuration in F5 
FirePass ...)
+       TODO: check
 CVE-2012-XXXX [XSS from 5.0.4 release]
        - phppgadmin 5.0.4-1
        [squeeze] - phppgadmin <no-dsa> (Minor issue, will be fixed through a 
point update)
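Review bot: The three entries added at the top of the file (CVE-2012-2055, CVE-2012-2054, CVE-2012-2053) carry only "TODO: check", so none of them is triaged yet. CVE-2012-2054 names Redmine before 1.3.2 and needs a package line with the fixed version if Debian ships it. The GitHub Enterprise and F5 FirePass entries should get a "NOT-FOR-US: <product>" line, in the form used elsewhere in this file, if they are not packaged.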
@@ -147,8 +153,8 @@
        RESERVED
 CVE-2012-1983
        RESERVED
-CVE-2012-1982
-       RESERVED
+CVE-2012-1982 (Cross-site scripting (XSS) vulnerability in ...)
+       TODO: check
 CVE-2012-1981
        RESERVED
 CVE-2012-1980
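Review bot: The new description for CVE-2012-1982 is cut off before any product name ("Cross-site scripting (XSS) vulnerability in ..."), so the entry cannot be triaged from this file alone. Whoever resolves the "TODO: check" needs the full CVE text first, and should then replace the TODO with either a package line or a NOT-FOR-US line.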
@@ -542,8 +548,8 @@
        RESERVED
 CVE-2012-1791
        RESERVED
-CVE-2012-1777
-       RESERVED
+CVE-2012-1777 (SQL injection vulnerability in my.activation.php3 in F5 
FirePass 6.0.0 ...)
+       TODO: check
 CVE-2012-1776 (Multiple heap-based buffer overflows in VideoLAN VLC media 
player ...)
        TODO: check
 CVE-2012-1775 (Stack-based buffer overflow in VideoLAN VLC media player before 
2.0.1 ...)
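Review bot: CVE-2012-1777 is the second F5 FirePass entry in this update, next to CVE-2012-2053 in the first hunk, so both should be resolved with the same decision rather than triaged separately. The unchanged CVE-2012-1776 entry directly below it is also still at "TODO: check" and can be cleared in the same pass.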
@@ -1881,6 +1887,7 @@
        - systemd 44-1 (bug #664364)
 CVE-2012-1173
        RESERVED
+       {DSA-2447-1}
 CVE-2012-1172 [PHP 5.3.x Corrupted $_FILES indices lead to security concern]
        RESERVED
        - php5 5.4.0-1 (bug #663760)
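Review bot: CVE-2012-1173 now references {DSA-2447-1}, but the entry still consists only of RESERVED with no package line, so the list does not say which source package the advisory fixes or in which version. Add a "- <package> <version>" line along with the DSA cross-reference, as the neighbouring CVE-2012-1172 entry does with "- php5 5.4.0-1 (bug #663760)".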
@@ -4033,8 +4040,8 @@
        NOT-FOR-US: Cisco Digital Media Manager
 CVE-2012-0328 (Janetter before 3.3.0.0 (aka 3.3.0) allows remote attackers to 
obtain ...)
        NOT-FOR-US: Janetter
-CVE-2012-0327
-       RESERVED
+CVE-2012-0327 (Cross-site scripting (XSS) vulnerability in Redmine before 
1.3.2 ...)
+       TODO: check
 CVE-2012-0326 (The twicca application 0.7.0 through 0.9.30 for Android does 
not ...)
        NOT-FOR-US: twicca application for Android
 CVE-2012-0325 (Cross-site scripting (XSS) vulnerability in CloudBees Jenkins 
before ...)
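Review bot: CVE-2012-0327 names the same fix boundary, "Redmine before 1.3.2", as CVE-2012-2054 in the first hunk, yet the two sit thousands of lines apart and both are left at "TODO: check". Triage them together so they end up with the same package line and fixed version instead of diverging.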
@@ -4345,8 +4352,8 @@
        NOT-FOR-US: Final Draft
 CVE-2011-5001 (Stack-based buffer overflow in the CGenericScheduler::AddTask 
function ...)
        NOT-FOR-US: Trend Micro Control Manager
-CVE-2011-5000
-       RESERVED
+CVE-2011-5000 (The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 
5.8 and ...)
+       TODO: check
 CVE-2011-4999
        RESERVED
 CVE-2011-4998
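Review bot: CVE-2011-5000 is left at "TODO: check" although the description already names a concrete function and file (ssh_gssapi_parse_ename in gss-serv.c, OpenSSH 5.8 and ...), which is enough to start triage. The version range is truncated in this entry, so confirm the affected versions from the full CVE text before replacing the TODO with a package line and fixed version.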
@@ -5172,8 +5179,8 @@
        RESERVED
 CVE-2012-0132
        RESERVED
-CVE-2012-0131
-       RESERVED
+CVE-2012-0131 (Distributed Computing Environment (DCE) 1.8 and 1.9 on HP HP-UX 
...)
+       TODO: check
 CVE-2012-0130
        RESERVED
 CVE-2012-0129
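Review bot: CVE-2012-0131 describes Distributed Computing Environment (DCE) 1.8 and 1.9 on HP HP-UX, which reads as a platform-specific issue, but it is recorded with "TODO: check" like the packaged-software entries. If nothing in Debian is affected, replace the TODO with a "NOT-FOR-US: <product>" line in the same form as "NOT-FOR-US: Janetter" elsewhere in this file.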
@@ -10724,8 +10731,9 @@
        - chromium-browser 17.0.963.83~r127885-1
 CVE-2011-3049 (Google Chrome before 17.0.963.83 does not properly restrict the 
...)
        - chromium-browser 17.0.963.83~r127885-1
-CVE-2011-3048 (memory corruption flaw)
+CVE-2011-3048
        RESERVED
+       {DSA-2446-1}
        - libpng <unfixed> (bug #667475)
 CVE-2011-3047 (The GPU process in Google Chrome before 17.0.963.79 allows 
remote ...)
        - chromium-browser 17.0.963.83~r127885-1
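Review bot: The removed line "CVE-2011-3048 (memory corruption flaw)" was the only human-readable summary on this entry, and after this change it is a bare RESERVED id with {DSA-2446-1} and "- libpng <unfixed> (bug #667475)". Other RESERVED entries visible in this diff keep their summaries in square brackets, for example "CVE-2012-1172 [PHP 5.3.x Corrupted $_FILES indices lead to security concern]", so re-add the text as "CVE-2011-3048 [memory corruption flaw]".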


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
