Author: jmm
Date: 2012-07-30 12:38:50 +0000 (Mon, 30 Jul 2012)
New Revision: 19822

Modified:
   data/CVE/list
Log:
bind9 also not affected in sid
new php issue
php non-issue
NFUs
filed bug for zabbix



Modified: data/CVE/list
===================================================================
--- data/CVE/list       2012-07-30 10:35:28 UTC (rev 19821)
+++ data/CVE/list       2012-07-30 12:38:50 UTC (rev 19822)
@@ -423,9 +423,8 @@
 CVE-2012-3869
        RESERVED
 CVE-2012-3868 (Race condition in the ns_client structure management in ISC 
BIND 9.9.x ...)
-       TODO: check
        NOTE: https://kb.isc.org/article/AA-00730
-       [squeeze] - bind9 <not-affected> (Vulnerable code not present)
+       - bind9 <not-affected> (Vulnerable code not present, only affects 9.9.x)
 CVE-2012-3867
        RESERVED
        {DSA-2511-1}
@@ -1325,7 +1324,7 @@
        - openttd <unfixed> (low; bug #683258)
 CVE-2012-3435 [Zabbix SQL injection flaw]
        RESERVED
-       TODO: check
+       - zabbix <unfixed> (bug #683273)
        NOTE: http://seclists.org/oss-sec/2012/q3/127
 CVE-2012-3434 [WordPress plugin Count Per Day XSS (SSCHADV2012-015)]
        RESERVED
@@ -1339,6 +1338,7 @@
        NOTE: CVE assigment 
http://www.openwall.com/lists/oss-security/2012/07/27/1
 CVE-2012-3431
        RESERVED
+       NOT-FOR-US: Teeid
 CVE-2012-3430 [kernel: recv{from,msg}() on an rds socket can leak kernel 
memory]
        RESERVED
        - linux <unfixed>
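Review bot: The added NOT-FOR-US: Teeid line under CVE-2012-3431 is the only information on that entry, which otherwise reads just RESERVED, so the product name cannot be cross-checked from the list itself. Please confirm the spelling and add a NOTE with the reference the classification is based on.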
@@ -1574,11 +1574,13 @@
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=835849
 CVE-2012-3367
        RESERVED
+       NOT-FOR-US: Red Hat Certificate System
 CVE-2012-3366 (The Trigger plugin in bcfg2 1.2.x before 1.2.3 allows remote 
attackers ...)
        {DSA-2503-1}
        - bcfg2 1.2.2-2 (bug #679272)
 CVE-2012-3365 (The SQLite functionality in PHP before 5.3.15 allows remote 
attackers ...)
-       TODO: check
+       - php5 <unfixed> (unimportant)
+       NOTE: open_basedir not supported
 CVE-2012-3364
        RESERVED
        - linux 3.2.23-1
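Review bot: Under CVE-2012-3365, the new "NOTE: open_basedir not supported" is the sole justification for the (unimportant) tag, but the truncated description above it never mentions open_basedir, so the link between the two is left to the reader. Suggest wording the note so it says how the issue relates to open_basedir and that this is the reason for the unimportant rating.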
@@ -3048,7 +3050,7 @@
 CVE-2012-2689
        RESERVED
 CVE-2012-2688 (Unspecified vulnerability in the _php_stream_scandir function 
in the ...)
-       TODO: check
+       - php5 <unfixed> (low; bug #683274)
 CVE-2012-2687 [apache mod_negotiation XSS]
        RESERVED
        - apache2 2.2.22-8 (low)
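Review bot: CVE-2012-2688 is described as an unspecified vulnerability in _php_stream_scandir, yet the added php5 line rates it low with no NOTE giving the basis for that rating. Add a NOTE with the reference or reasoning behind it, or leave the urgency unset until details are known.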
@@ -3120,6 +3122,7 @@
        - iptables <unfixed> (bug #675445)
 CVE-2012-2662
        RESERVED
+       NOT-FOR-US: Red Hat Certificate System
 CVE-2012-2661 (The Active Record component in Ruby on Rails 3.0.x before 
3.0.13, ...)
        - rails <not-affected> (Doesn't affects RoR in Squeeze)
        - ruby-activerecord-3.2 3.2.6-1 (bug #675396; bug #675429)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
