[Secure-testing-commits] r19240 - data/CVE

Joey Hess Sun, 13 May 2012 14:14:36 -0700

Author: joeyh
Date: 2012-05-13 21:14:24 +0000 (Sun, 13 May 2012)
New Revision: 19240


Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2012-05-13 20:28:27 UTC (rev 19239)
+++ data/CVE/list       2012-05-13 21:14:24 UTC (rev 19240)
@@ -4056,13 +4056,14 @@
        RESERVED
 CVE-2012-0947 [Heap-based Buffer Overflow in libavcodec]
        RESERVED
+       {DSA-2471-1}
        - libav 6:0.8.2-1
        - ffmpeg <removed>
        NOTE: https://bugs.launchpad.net/ubuntu/+source/libav/+bug/980963
        NOTE: http://www.openwall.com/lists/oss-security/2012/05/03/4
 CVE-2012-0946 (The NVIDIA UNIX driver before 295.40 allows local users to 
access ...)
        - nvidia-graphics-drivers 295.40-1
-    [squeeze] - nvidia-graphics-drivers 195.36.31-6squeeze1
+       [squeeze] - nvidia-graphics-drivers 195.36.31-6squeeze1
 CVE-2012-0945
        RESERVED
 CVE-2012-0944
@@ -4306,6 +4307,7 @@
        RESERVED
 CVE-2012-0853
        RESERVED
+       {DSA-2471-1}
        - libav 4:0.8.1-1
        - ffmpeg <removed>
 CVE-2012-0852
@@ -4400,7 +4402,7 @@
 CVE-2012-0824
        RESERVED
        - gnusound <removed> (low; bug #654270)
-    [squeeze] - gnusound 0.7.5-3+squeeze1
+       [squeeze] - gnusound 0.7.5-3+squeeze1
 CVE-2012-0823 (VP8 Codec SDK (libvpx) before 1.0.0 &quot;Duclair&quot; allows 
remote attackers ...)
        - libvpx 1.0.0-1
        [squeeze] - libvpx <not-affected> (Introduced in 0.9.7)
@@ -4432,7 +4434,7 @@
        - rpm 4.9.1.3-1 (bug #667031)
 CVE-2012-0814 (The auth_parse_options function in auth-options.c in sshd in 
OpenSSH ...)
        - openssh 1:5.6p1-1 (low; bug #657445)
-    [squeeze] - openssh-server 1:5.5p1-6+squeeze2
+       [squeeze] - openssh-server 1:5.5p1-6+squeeze2
 CVE-2012-0813 [wicd cleartext passwords]
        RESERVED
        - wicd 1.7.1~b3-4 (unimportant; bug #652417)
@@ -6541,7 +6543,7 @@
        - openarena 0.8.5-6 (medium; bug #665656)
        - ioquake3 <not-affected> (fixed before upload)
        - tremulous 1.1.0-8 (bug #665842)
-    [squeeze] - tremulous 1.1.0-7~squeeze1
+       [squeeze] - tremulous 1.1.0-7~squeeze1
 CVE-2010-5076
        RESERVED
        - qt4-x11 4:4.6.3-1
@@ -7686,7 +7688,7 @@
 CVE-2011-4617 (virtualenv.py in virtualenv before 1.5 allows local users to 
overwrite ...)
        - python-virtualenv 1.6-1 (low; bug #652653)
        [lenny] - python-virtualenv <no-dsa> (Minor issue)
-    [squeeze] - python-virtualenv 1.4.9-3squeeze1
+       [squeeze] - python-virtualenv 1.4.9-3squeeze1
 CVE-2011-4616 (Cross-site scripting (XSS) vulnerability in the 
HTML-Template-Pro ...)
        - libhtml-template-pro-perl 0.9507-1 (low; bug #652587)
        [squeeze] - libhtml-template-pro-perl 0.9502-1+squeeze1
@@ -9264,7 +9266,7 @@
 CVE-2011-4099
        RESERVED
        - libcap2 1:2.22-1 (low)
-    [squeeze] - libcap2 1:2.19-3
+       [squeeze] - libcap2 1:2.19-3
 CVE-2011-4098
        RESERVED
 CVE-2011-4097
@@ -9908,6 +9910,7 @@
        RESERVED
 CVE-2011-3947
        RESERVED
+       {DSA-2471-1}
        - libav 4:0.8.1-1
        - ffmpeg <removed>
 CVE-2011-3946
@@ -9926,6 +9929,7 @@
        RESERVED
 CVE-2011-3940
        RESERVED
+       {DSA-2471-1}
        - libav 4:0.8.1-1
        - ffmpeg <removed>
 CVE-2011-3939
@@ -9938,6 +9942,7 @@
        - ffmpeg <removed>
 CVE-2011-3936
        RESERVED
+       {DSA-2471-1}
        - libav 4:0.8.1-1
        - ffmpeg <removed>
 CVE-2011-3935
@@ -9954,6 +9959,7 @@
        RESERVED
 CVE-2011-3929
        RESERVED
+       {DSA-2471-1}
        - libav 4:0.8.1-1
        - ffmpeg <removed>
 CVE-2011-3928 (Use-after-free vulnerability in Google Chrome before 
16.0.912.77 ...)
@@ -10072,6 +10078,7 @@
        - webkit <not-affected> (Chrome issue)
        [squeeze] - chromium-browser <not-affected>
 CVE-2011-3895 (Heap-based buffer overflow in the Vorbis decoder in Google 
Chrome ...)
+       {DSA-2471-1}
        - chromium-browser 15.0.874.121~r109964-1
        - webkit <not-affected> (Chrome issue)
        - ffmpeg <removed>
@@ -10081,6 +10088,7 @@
        - webkit <not-affected> (Chrome issue)
        [squeeze] - chromium-browser <not-affected>
 CVE-2011-3893 (Google Chrome before 15.0.874.120 does not properly implement 
the MKV ...)
+       {DSA-2471-1}
        - chromium-browser 15.0.874.121~r109964-1
        - webkit <not-affected> (Chrome issue)
        - libav 4:0.8~beta2-1 (bug #654534; bug #654572)
@@ -10090,6 +10098,7 @@
        NOTE: http://src.chromium.org/viewvc/chrome?view=rev&revision=106599
        NOTE: http://src.chromium.org/viewvc/chrome?view=rev&revision=106621
 CVE-2011-3892 (Double free vulnerability in the Theora decoder in Google 
Chrome ...)
+       {DSA-2471-1}
        - chromium-browser 15.0.874.121~r109964-1
        - webkit <not-affected> (Chrome issue)
        [squeeze] - chromium-browser <not-affected>
@@ -10924,11 +10933,11 @@
 CVE-2011-3598 (Multiple cross-site scripting (XSS) vulnerabilities in 
phpPgAdmin ...)
        - phppgadmin 5.0.3-1 (low; bug #644290)
        [squeeze] - phppgadmin 4.2.3-1.1squeeze1
-    [lenny] - phppgadmin 4.2.2-1lenny1
+       [lenny] - phppgadmin 4.2.2-1lenny1
 CVE-2011-3597 (Eval injection in the Digest module before 1.17 for Perl allows 
...)
        - libdigest-perl 1.17-1 (low; bug #644108)
        [squeeze] - libdigest-perl 1.16-1+squeeze1
-    [lenny] - libdigest-perl 1.15-2+lenny1
+       [lenny] - libdigest-perl 1.15-2+lenny1
        - perl 5.12.4-6 (low; bug #644108)
        [squeeze] - perl 5.10.1-17squeeze3
        [lenny] - perl <no-dsa> (Minor issue)
@@ -10986,7 +10995,7 @@
        RESERVED
        - typo3-src 4.5.6+dfsg1-1 (low; bug #641683)
        [squeeze] - typo3-src 4.3.9+dfsg1-1+squeeze2
-    [lenny] - typo3-src 4.2.5-1+lenny9
+       [lenny] - typo3-src 4.2.5-1+lenny9
 CVE-2011-3583 [TYPO3-SA-2011-002]
        RESERVED
        - typo3-src 4.5.6+dfsg1-1 (low; bug #641682)
@@ -12587,7 +12596,7 @@
        [squeeze] - openarena <no-dsa> (Minor issue, will be fixed in point 
update)
        - ioquake3 1.36+svn1946-4
        - tremulous 1.1.0-6 (bug #660836)
-    [squeeze] - tremulous 1.1.0-7~squeeze1
+       [squeeze] - tremulous 1.1.0-7~squeeze1
 CVE-2011-3011 (BaseServiceImpl.class in CA ARCserve D2D r15 does not properly 
handle ...)
        NOT-FOR-US: CA ARCserve D2D
 CVE-2011-3010 (Multiple cross-site scripting (XSS) vulnerabilities in TWiki 
before ...)
@@ -13536,7 +13545,7 @@
        [squeeze] - openarena 0.8.5-5+squeeze1
        - ioquake3 1.36+svn1946-4
        - tremulous 1.1.0-6 (bug #660836)
-    [squeeze] - tremulous 1.1.0-7~squeeze1
+       [squeeze] - tremulous 1.1.0-7~squeeze1
 CVE-2011-2763 (The web interface on the LifeSize Room appliance LS_RM1_3.5.3 
(11) and ...)
        NOT-FOR-US: LifeSize Room appliance
 CVE-2011-2762 (The web interface on the LifeSize Room appliance LS_RM1_3.5.3 
(11) ...)
@@ -13637,7 +13646,7 @@
        RESERVED
        - kdeutils 4:4.6.5-4 (low; bug #635541)
        [lenny] - kdeutils <no-dsa> (Minor issue)
-    [squeeze] - kdeutils 4:4.4.5-1+squeeze1
+       [squeeze] - kdeutils 4:4.4.5-1+squeeze1
 CVE-2011-2724 (The check_mtab function in client/mount.cifs.c in mount.cifs in 
smbfs ...)
        - samba 2:3.4.7~dfsg-2 (low)
        - cifs-utils 2:5.1-1 (low)
@@ -16278,7 +16287,7 @@
 CVE-2011-1784 (The pidfile_write function in core/pidfile.c in keepalived 
1.2.2 and ...)
        - keepalived 1:1.2.2-2 (low; bug #626281)
        [lenny] - keepalived <no-dsa> (Minor issue)
-    [squeeze] - keepalived 1:1.1.20-1+squeeze1
+       [squeeze] - keepalived 1:1.1.20-1+squeeze1
 CVE-2011-1783 (The mod_dav_svn module for the Apache HTTP Server, as 
distributed in ...)
        {DSA-2251-1}
        - subversion 1.6.17dfsg-1
@@ -90719,11 +90728,11 @@
 CVE-2006-3325 (client/cl_parse.c in the id3 Quake 3 Engine 1.32c and the 
Icculus ...)
        - ioquake3 1.36+svn1788j-1
        - tremulous 1.1.0-6 (bug #660834)
-    [squeeze] - tremulous 1.1.0-7~squeeze1
+       [squeeze] - tremulous 1.1.0-7~squeeze1
 CVE-2006-3324 (The Automatic Downloading option in the id3 Quake 3 Engine and 
the ...)
        - ioquake3 1.36+svn1788j-1
        - tremulous 1.1.0-6 (bug #660832)
-    [squeeze] - tremulous 1.1.0-7~squeeze1
+       [squeeze] - tremulous 1.1.0-7~squeeze1
 CVE-2006-3323 (PHP remote file inclusion vulnerability in admin/admin.php in 
MF ...)
        NOT-FOR-US: MF Piadas
 CVE-2006-3322 (SQL injection vulnerability in includes/functions_logging.php 
in ...)
@@ -91702,7 +91711,7 @@
        NOT-FOR-US: PHP Pro Publish
 CVE-2006-2875 (Stack-based buffer overflow in the CL_ParseDownload function of 
Quake ...)
        - tremulous 1.1.0-6 (bug #660827)
-    [squeeze] - tremulous 1.1.0-7~squeeze1
+       [squeeze] - tremulous 1.1.0-7~squeeze1
        - ioquake3 1.36+svn1788j-1
 CVE-2006-2874 (Unspecified vulnerability in OSADS Alliance Database before 1.4 
has ...)
        NOT-FOR-US: OSADS
@@ -93222,7 +93231,7 @@
        - awstats 6.5-2 (bug #365909; bug #365910; medium)
 CVE-2006-2236 (Buffer overflow in the Quake 3 Engine, as used by (1) ET 2.60, 
(2) ...)
        - tremulous 1.1.0-6 (bug #660827)
-    [squeeze] - tremulous 1.1.0-7~squeeze1
+       [squeeze] - tremulous 1.1.0-7~squeeze1
        - ioquake3 1.36+svn1788j-1
 CVE-2006-2235 (CodeMunkyX (aka free-php.net) Simple Poll 1.0, when 
authentication is ...)
        NOT-FOR-US: Simple Poll
@@ -93582,7 +93591,7 @@
 CVE-2006-2082 (Directory traversal vulnerability in Quake 3 engine, as used in 
...)
        - ioquake3 1.36+svn1788j-1
        - tremulous 1.1.0-6 (bug #660831)
-    [squeeze] - tremulous 1.1.0-7~squeeze1
+       [squeeze] - tremulous 1.1.0-7~squeeze1
 CVE-2006-2081 (Oracle Database Server 10g Release 2 allows local users to 
execute ...)
        NOT-FOR-US: Oracle
 CVE-2006-2080 (SQL injection vulnerability in portfolio_photo_popup.php in 
Verosky ...)


_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r19240 - data/CVE

Reply via email to