[Secure-testing-commits] r19126 - in data: . CVE

Thu, 03 May 2012 08:07:00 -0700 

Author: jmm
Date: 2012-05-03 15:06:45 +0000 (Thu, 03 May 2012)
New Revision: 19126

Modified:
   data/CVE/list
   data/spu-candidates.txt
Log:
one struts issue not affected
otrs fixed (also in squeeze)
libgssglue no-dsa


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2012-05-03 14:44:56 UTC (rev 19125)
+++ data/CVE/list       2012-05-03 15:06:45 UTC (rev 19126)
@@ -2075,7 +2075,7 @@
        NOTE: Not suitable for code injection
 CVE-2012-1592
        RESERVED
-       - libstruts1.2-java <unfixed> (bug #657870)
+       - libstruts1.2-java <not-affected> (Only applies to Struts 2, see bug 
#657870)
 CVE-2012-1591
        RESERVED
 CVE-2012-1590
@@ -13226,6 +13226,7 @@
 CVE-2011-2709 [GSSAPI_MECH_CONF environment variable not ignored in privileged 
processes]
        RESERVED
        - libgssglue <unfixed> (low; bug #670256)
+       [squeeze] - libgssglue <no-dsa> (Minor issue in Squeeze)
        NOTE: Our mount.nfs does not link against libgssglue,
        NOTE: so we do not appear to be affected directly.
 CVE-2011-2708
@@ -19790,8 +19791,7 @@
 CVE-2011-0457 (Cross-site scripting (XSS) vulnerability in e107 0.7.22 and 
earlier ...)
        NOT-FOR-US: e107
 CVE-2011-0456 (webscript.pl in Open Ticket Request System (OTRS) 2.3.4 and 
earlier ...)
-       - otrs2 <unfixed>
-       TODO: check
+       - otrs2 2.4.5-1
 CVE-2011-0455 (Cross-site scripting (XSS) vulnerability in Things BBS before 
2.0.3 ...)
        NOT-FOR-US: Things BBS
 CVE-2011-0454 (Buffer overflow in the PPP Access Concentrator (PPPAC) on the 
SEIL/x86 ...)

Modified: data/spu-candidates.txt
===================================================================
--- data/spu-candidates.txt     2012-05-03 14:44:56 UTC (rev 19125)
+++ data/spu-candidates.txt     2012-05-03 15:06:45 UTC (rev 19126)
@@ -179,6 +179,11 @@
 
 --
 
+libgssglue (CVE-2011-2709)
+patch in bug #670256
+
+--
+
 libxslt (CVE-2011-3970)
 #660650
 
http://git.gnome.org/browse/libxslt/commit/?id=fe5a4fa33eb85bce3253ed3742b1ea6c4b59b41b


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to