Author: fgeek-guest
Date: 2012-07-17 18:37:27 +0000 (Tue, 17 Jul 2012)
New Revision: 19751
Modified:
data/CVE/list
data/DSA/list
Log:
CVE-2012-3408 is not yet fixed in Debian packages. Discussed with Stig Sandbeck
Mathisen and Sven Mueller.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-07-17 09:14:25 UTC (rev 19750)
+++ data/CVE/list 2012-07-17 18:37:27 UTC (rev 19751)
@@ -1280,8 +1280,7 @@
RESERVED
CVE-2012-3408 [Puppet allows agents with certnames of IP addresses to be
impersonated]
RESERVED
- {DSA-2511-1}
- - puppet 2.7.18-1 (medium)
+ - puppet <unfixed> (medium)
NOTE: http://puppetlabs.com/security/cve/cve-2012-3408/
CVE-2012-3407
RESERVED
Modified: data/DSA/list
===================================================================
--- data/DSA/list 2012-07-17 09:14:25 UTC (rev 19750)
+++ data/DSA/list 2012-07-17 18:37:27 UTC (rev 19751)
@@ -2,7 +2,7 @@
{CVE-2012-3382}
[squeeze] - mono 2.6.7-5.1
[12 Jul 2012] DSA-2511-1 puppet - several
- {CVE-2012-3408 CVE-2012-3864 CVE-2012-3865 CVE-2012-3866 CVE-2012-3867}
+ {CVE-2012-3864 CVE-2012-3865 CVE-2012-3866 CVE-2012-3867}
[squeeze] - puppet 2.6.2-5+squeeze6
[12 Jul 2012] DSA-2510-1 extplorer - Cross-site request forgery
{CVE-2012-3362}
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
