[Secure-testing-commits] r20296 - data/CVE

Fri, 05 Oct 2012 22:43:17 -0700 

Author: geissert
Date: 2012-10-06 05:43:03 +0000 (Sat, 06 Oct 2012)
New Revision: 20296

Modified:
   data/CVE/list
Log:
cross-reference some issues with their bug reports


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2012-10-06 01:56:10 UTC (rev 20295)
+++ data/CVE/list       2012-10-06 05:43:03 UTC (rev 20296)
@@ -2453,10 +2453,10 @@
        NOTE: http://struts.apache.org/2.x/docs/s2-010.html
 CVE-2012-4385 [letodms CSRF]
        RESERVED
-       - letodms 3.3.7+dfsg-1
+       - letodms 3.3.7+dfsg-1 (bug #689664)
 CVE-2012-4384 [letodms XSS]
        RESERVED
-       - letodms 3.3.7+dfsg-1
+       - letodms 3.3.7+dfsg-1 (bug #689664)
 CVE-2012-4383
        RESERVED
        NOT-FOR-US: Contao
@@ -4394,7 +4394,7 @@
 CVE-2012-3525 (s2s/out.c in jabberd2 2.2.16 and earlier does not verify that a 
...)
        - jabberd2 <unfixed> (bug #685666)
 CVE-2012-3524 (libdbus 1.5.x and earlier, when used in setuid or other 
privileged ...)
-       - dbus 1.6.8-1
+       - dbus 1.6.8-1 (bug #689070)
        - glib2.0 <unfixed>
        [squeeze] - glib2.0 <not-affected> (Vulnerable code not present)
        NOTE: fixed in 2.34.0-1 from experimental 
@@ -26897,7 +26897,7 @@
        NOT-FOR-US: Oracle Solaris
 CVE-2011-0411 (The STARTTLS implementation in Postfix 2.4.x before 2.4.16, 
2.5.x ...)
        {DSA-2233-1}
-       - postfix 2.8.0-1
+       - postfix 2.8.0-1 (bug #617849)
        NOTE: http://www.securityfocus.com/archive/1/516901/30/0/threaded
        NOTE: http://www.postfix.org/announcements/postfix-2.7.3.html
        NOTE: http://www.postfix.org/CVE-2011-0411.html
@@ -104774,8 +104774,8 @@
 CVE-2006-0198 (Cross-site scripting (XSS) vulnerability in a certain module, 
possibly ...)
        NOT-FOR-US: XOOPS
 CVE-2006-0197 (The XClientMessageEvent struct used in certain components of 
X.Org ...)
-       - libx11 <undetermined>
-       NOTE: Doesn't look like a security problem, see #349251
+       - libx11 <undetermined> (bug #349251)
+       NOTE: Doesn't look like a security problem, see bug report
 CVE-2006-0196 (Unspecified vulnerability in Serial line sniffer (aka slsnif) 
0.4.4 ...)
        NOT-FOR-US: slsnif
 CVE-2006-0195 (Interpretation conflict in the MagicHTML filter in SquirrelMail 
1.4.0 ...)


_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to