[Secure-testing-commits] r20360 - data/CVE

Wed, 17 Oct 2012 00:22:57 -0700 

Author: jmm
Date: 2012-10-17 07:22:47 +0000 (Wed, 17 Oct 2012)
New Revision: 20360

Modified:
   data/CVE/list
Log:
mc, vino no-dsa
librdmacm fixed, squeeze not affected
new otrs2 issue, fixed in sid


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2012-10-17 04:59:35 UTC (rev 20359)
+++ data/CVE/list       2012-10-17 07:22:47 UTC (rev 20360)
@@ -1599,6 +1599,7 @@
        NOTE: http://www.openwall.com/lists/oss-security/2012/09/05/17
 CVE-2012-4751
        RESERVED
+       - otrs2 3.1.7+dfsg1-6
 CVE-2012-4750
        RESERVED
 CVE-2012-4749
@@ -2307,7 +2308,8 @@
        NOT-FOR-US: ibacm
 CVE-2012-4516
        RESERVED
-       - librdmacm <unfixed> (bug #690672)
+       - librdmacm 1.0.16-1 (bug #690672)
+       [squeeze] - librdmacm <not-affected> (Introduced in 1.0.12)
 CVE-2012-4515
        RESERVED
        - kdebase <removed> (unimportant)
@@ -2445,8 +2447,9 @@
        - ruby1.9.1 1.9.3.194-2 (low; bug #689075)
        [squeeze] - ruby1.9.1 <not-affected> (Introduced in 1.9.3)
 CVE-2012-4463 (Midnight Commander (mc) 4.8.5 does not properly handle the (1) 
...)
-       - mc <unfixed> (bug #689571)
-       NOTE: https://www.midnight-commander.org/ticket/2913
+       - mc <unfixed> (low; bug #689571)
+       [wheezy] - mc <no-dsa> (Minor issue)
+       [squeeze] - mc <no-dsa> (Minor issue)
 CVE-2012-4462
        RESERVED
        - condor <not-affected> (This bug only affects the Aviary contrib 
module, which isn't built in the Debian condor package, #690556)
@@ -2552,6 +2555,8 @@
        NOTE: 
http://www.bacula.org/git/cgit.cgi/bacula/commit/?id=67debcecd3d530c429e817e1d778e79dcd1db905
 CVE-2012-4429 (Vino 2.28, 2.32, 3.4.2, and earlier allows remote attackers to 
read ...)
        - vino <unfixed> (bug #687596; low)
+       [squeeze] - vino <no-dsa> (Minor issue)
+       [wheezy] - vino <no-dsa> (Minor issue)
 CVE-2012-4428
        RESERVED
        - openslp-dfsg <unfixed> (bug #687597; low)
@@ -13358,7 +13363,7 @@
 CVE-2012-0228 (Invensys Wonderware Information Server 4.0 SP1 and 4.5 does not 
...)
        NOT-FOR-US: Invensys Wonderware Information Server
 CVE-2012-0227 (Buffer overflow in the VSFlex7.VSFlexGrid ActiveX control in 
...)
-       TODO: check
+       NOT-FOR-US: Open Automation Software OPC Systems.NET
 CVE-2012-0226 (SQL injection vulnerability in Invensys Wonderware Information 
Server ...)
        NOT-FOR-US: Invensys Wonderware Information Server
 CVE-2012-0225 (Cross-site scripting (XSS) vulnerability in Invensys Wonderware 
...)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to