Author: jmm
Date: 2012-04-30 12:39:23 +0000 (Mon, 30 Apr 2012)
New Revision: 19103

Modified:
   data/CVE/list
   data/spu-candidates.txt
Log:
new elixir issue
filed bug for dokuwiki (no-dsa)
gridengine issues affect Debian
spring issues confirmed, bugs filed


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2012-04-30 07:57:53 UTC (rev 19102)
+++ data/CVE/list       2012-04-30 12:39:23 UTC (rev 19103)
@@ -529,6 +529,7 @@
        RESERVED
 CVE-2012-2146
        RESERVED
+       - elixir <unfixed> (low)
 CVE-2012-2145
        RESERVED
 CVE-2012-2144
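Review bot: The new "- elixir <unfixed> (low)" line under CVE-2012-2146 has no bug number, and the CVE entry has neither a bracketed description nor a NOTE, so the tracker does not say what the elixir issue is or what the (low) rating is based on. Add a short bracketed description after the CVE id and a NOTE with the reference, plus the bug number once one is filed, as was done for dokuwiki in this same commit.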
@@ -570,7 +571,8 @@
        RESERVED
 CVE-2012-2129 [dokuwiki doku.php 'target' param xss]
        RESERVED
-       - dokuwiki <unfixed>
+       - dokuwiki <unfixed> (low; bug #670917)
+       [squeeze] - dokuwiki <no-dsa> (Minor issue)
        NOTE: http://secunia.com/advisories/48848/
 CVE-2012-2128
        RESERVED
@@ -4436,10 +4438,9 @@
        RESERVED
 CVE-2012-0523 [Local Oracle Grid Engine Vulnerability]
        RESERVED
-       - gridengine <undetermined>
+       - gridengine <unfixed>
        NOTE: http://www.securityfocus.com/bid/53132
        NOTE: http://gridscheduler.sourceforge.net/security.html
-       TODO: check
 CVE-2012-0522
        RESERVED
 CVE-2012-0521
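Review bot: Changing gridengine from <undetermined> to <unfixed> under CVE-2012-0523 and dropping "TODO: check" records the conclusion but not its basis, and the new line has no bug number or urgency, unlike the dokuwiki and spring entries touched in this commit. Add the bug reference once it exists, and consider a NOTE stating what was checked to confirm that the Debian package is affected.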
@@ -6011,8 +6012,7 @@
        [lenny] - horde3 <not-affected> (Introduced in 3.3.12)
 CVE-2012-0208 [Oracle Grid Engine 'qrsh' Remote Code Injection Vulnerability]
        RESERVED
-       - gridengine <undetermined>
-       TODO: check
+       - gridengine <unfixed>
        NOTE: http://www.securityfocus.com/bid/53123/info
        NOTE: http://gridscheduler.sourceforge.net/security.html
 CVE-2012-0207
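Review bot: CVE-2012-0208 is titled a remote code injection in 'qrsh', yet the new "- gridengine <unfixed>" line has neither an urgency nor a bug number, so there is no tracked report for the maintainer to act on. File a bug and append it to this line; if one report is meant to cover CVE-2012-0523 as well, reference the same number on both entries.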
@@ -12386,8 +12386,8 @@
        {DSA-2293-1}
        - libxfont 1:1.4.4-1
 CVE-2011-2894 (Spring Framework 3.0.0 through 3.0.5, Spring Security 3.0.0 
through ...)
-       - libspring-security-2.0-java <unfixed>
-       - libspring-java <unfixed>
+       - libspring-security-2.0-java <unfixed> (bug #670901)
+       - libspring-java <unfixed> (bug #670901)
 CVE-2011-2893 (The DataPilot feature in IBM Lotus Symphony 3 before FP3 allows 
...)
        NOT-FOR-US: IBM Lotus Symphony
 CVE-2011-2892 (Joomla! 1.6.x before 1.6.2 does not prevent page rendering 
inside a ...)
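Review bot: Both changed lines under CVE-2011-2894 point at bug #670901 although libspring-security-2.0-java and libspring-java are different package names. Confirm that the bug is assigned to, or marked as affecting, both packages, so that a fix uploaded for one does not close the report while the other is still unfixed.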
@@ -12942,13 +12942,13 @@
        NOT-FOR-US: EMC RSA Adaptive Authentication On-Premise
 CVE-2011-2732
        RESERVED
-       - libspring-security-2.0-java <unfixed>
+       - libspring-security-2.0-java <unfixed> (bug #670901)
 CVE-2011-2731
        RESERVED
-       - libspring-security-2.0-java <unfixed>
+       - libspring-security-2.0-java <unfixed> (bug #670901)
 CVE-2011-2730
        RESERVED
-       - libspring-2.5-java <unfixed>
+       - libspring-2.5-java <unfixed> (bug #670901)
 CVE-2011-2729 (native/unix/native/jsvc-unix.c in jsvc in the Daemon component 
1.0.3 ...)
        - commons-daemon 1.0.7-1
        [squeeze] - commons-daemon <not-affected> (Support for libcap was only 
added in 1.0.6)
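Review bot: CVE-2011-2732, CVE-2011-2731 and CVE-2011-2730 remain RESERVED with no description and now all reference bug #670901, the same number used for CVE-2011-2894, while CVE-2011-2730 names a third package (libspring-2.5-java). A bracketed description per CVE would let readers tell the issues apart, and it is worth checking that the single bug lists every CVE and package it is meant to cover.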
@@ -14390,7 +14390,7 @@
        NOTE: for details
 CVE-2011-2187
        RESERVED
-       - xscreensaver 5.14-1
+       - xscreensaver 5.14-1 (bug #627382)
        [squeeze] - xscreensaver <not-affected> (introduced in 5.13)
 CVE-2011-2186
        RESERVED

Modified: data/spu-candidates.txt
===================================================================
--- data/spu-candidates.txt     2012-04-30 07:57:53 UTC (rev 19102)
+++ data/spu-candidates.txt     2012-04-30 12:39:23 UTC (rev 19103)
@@ -64,6 +64,11 @@
 
 --
 
+dokuwiki (CVE-2012-2129)
+#670917
+
+--
+
 emacs23 (CVE-2012-0035)
 #655300
 


_______________________________________________
Secure-testing-commits mailing list
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits