[Secure-testing-commits] r20412 - data/CVE

Moritz Muehlenhoff Mon, 29 Oct 2012 01:08:47 -0700

Author: jmm
Date: 2012-10-29 08:05:11 +0000 (Mon, 29 Oct 2012)
New Revision: 20412


Modified:
   data/CVE/list
Log:
tiff3 not-affected
mysql-5.5 fixed
kfreebsd-9 fixed
bind9 fixed


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2012-10-27 14:35:21 UTC (rev 20411)
+++ data/CVE/list       2012-10-29 08:05:11 UTC (rev 20412)
@@ -621,7 +621,6 @@
 CVE-2012-XXXX [drupal OpenID module arbitrary code execution]
        - drupal7 <unfixed> (bug #690817)
        - drupal6 <not-affected> (according to upstream)
-       TODO: check
        NOTE: http://drupal.org/node/1815912
 CVE-2012-5388 (Cross-site scripting (XSS) vulnerability in wlcms-plugin.php in 
the ...)
        TODO: check
@@ -1130,7 +1129,7 @@
        TODO: check
 CVE-2012-5166 (ISC BIND 9.x before 9.7.6-P4, 9.8.x before 9.8.3-P4, 9.9.x 
before ...)
        {DSA-2560-1}
-       - bind9 <unfixed> (bug #690118)
+       - bind9 1:9.8.1.dfsg.P1-4.3 (bug #690118)
 CVE-2012-5165
        RESERVED
 CVE-2012-5164 (Multiple cross-site scripting (XSS) vulnerabilities in Fork CMS 
before ...)
@@ -5341,7 +5340,7 @@
        RESERVED
 CVE-2012-3549 (The SCTP implementation in FreeBSD 8.2 allows remote attackers 
to ...)
        - kfreebsd-8 <unfixed> (bug #686961)
-       - kfreebsd-9 <unfixed> (bug #686962)
+       - kfreebsd-9 9.0-7 (bug #686962)
        - kfreebsd-10 <unfixed> (bug #686963)
        NOTE: http://www.exploit-db.com/exploits/20226/
 CVE-2012-3548 (The dissect_drda function in epan/dissectors/packet-drda.c in 
...)
@@ -6313,7 +6312,7 @@
        NOT-FOR-US: Oracle PeopleSoft Products
 CVE-2012-3197 (Unspecified vulnerability in the MySQL Server component in 
Oracle ...)
        - mysql-5.1 <removed>
-       - mysql-5.5 <unfixed> (bug #690778)
+       - mysql-5.5 5.5.28+dfsg-1 (bug #690778)
 CVE-2012-3196 (Unspecified vulnerability in the Oracle Human Resources 
component in ...)
        NOT-FOR-US: Oracle E-Business Suite
 CVE-2012-3195 (Unspecified vulnerability in the PeopleSoft Enterprise 
PeopleTools ...)
@@ -6348,14 +6347,14 @@
        NOT-FOR-US: Oracle PeopleSoft Products
 CVE-2012-3180 (Unspecified vulnerability in the MySQL Server component in 
Oracle ...)
        - mysql-5.1 <removed>
-       - mysql-5.5 <unfixed> (bug #690778)
+       - mysql-5.5 5.5.28+dfsg-1 (bug #690778)
 CVE-2012-3179 (Unspecified vulnerability in the PeopleSoft Enterprise 
PeopleTools ...)
        NOT-FOR-US: Oracle PeopleSoft Products
 CVE-2012-3178
        RESERVED
 CVE-2012-3177 (Unspecified vulnerability in the MySQL Server component in 
Oracle ...)
        - mysql-5.1 <removed>
-       - mysql-5.5 <unfixed> (bug #690778)
+       - mysql-5.5 5.5.28+dfsg-1 (bug #690778)
 CVE-2012-3176 (Unspecified vulnerability in the PeopleSoft Enterprise 
PeopleTools ...)
        NOT-FOR-US: Oracle PeopleSoft Products
 CVE-2012-3175 (Unspecified vulnerability in the Oracle Application Server 
Single ...)
@@ -6364,7 +6363,7 @@
        RESERVED
 CVE-2012-3173 (Unspecified vulnerability in the MySQL Server component in 
Oracle ...)
        - mysql-5.1 <removed>
-       - mysql-5.5 <unfixed> (bug #690778)
+       - mysql-5.5 5.5.28+dfsg-1 (bug #690778)
 CVE-2012-3172
        RESERVED
 CVE-2012-3171 (Unspecified vulnerability in the Oracle Applications Technology 
Stack ...)
@@ -6377,34 +6376,34 @@
        RESERVED
 CVE-2012-3167 (Unspecified vulnerability in the MySQL Server component in 
Oracle ...)
        - mysql-5.1 <removed>
-       - mysql-5.5 <unfixed> (bug #690778)
+       - mysql-5.5 5.5.28+dfsg-1 (bug #690778)
 CVE-2012-3166 (Unspecified vulnerability in the MySQL Server component in 
Oracle ...)
        - mysql-5.1 <removed>
-       - mysql-5.5 <unfixed> (bug #690778)
+       - mysql-5.5 5.5.28+dfsg-1 (bug #690778)
 CVE-2012-3165 (Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 
11 ...)
        NOT-FOR-US: Oracle Sun Solaris
 CVE-2012-3164 (Unspecified vulnerability in the Oracle Marketing component in 
Oracle ...)
        NOT-FOR-US: Oracle E-Business Suite
 CVE-2012-3163 (Unspecified vulnerability in the MySQL Server component in 
Oracle ...)
        - mysql-5.1 <removed>
-       - mysql-5.5 <unfixed> (bug #690778)
+       - mysql-5.5 5.5.28+dfsg-1 (bug #690778)
 CVE-2012-3162 (Unspecified vulnerability in the Oracle Applications Framework 
...)
        NOT-FOR-US: Oracle E-Business Suite
 CVE-2012-3161 (Unspecified vulnerability in the Oracle Agile PLM Framework 
component ...)
        NOT-FOR-US: Oracle Supply Chain Products Suite
 CVE-2012-3160 (Unspecified vulnerability in the MySQL Server component in 
Oracle ...)
        - mysql-5.1 <removed>
-       - mysql-5.5 <unfixed> (bug #690778)
+       - mysql-5.5 5.5.28+dfsg-1 (bug #690778)
 CVE-2012-3159 (Unspecified vulnerability in the Java Runtime Environment (JRE) 
...)
        - openjdk-6 <unfixed> (bug #690774)
        - openjdk-7 <unfixed> (bug #690774)
 CVE-2012-3158 (Unspecified vulnerability in the MySQL Server component in 
Oracle ...)
        - mysql-5.1 <removed>
-       - mysql-5.5 <unfixed> (bug #690778)
+       - mysql-5.5 5.5.28+dfsg-1 (bug #690778)
 CVE-2012-3157 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking 
...)
        NOT-FOR-US: Oracle Financial Services Software
 CVE-2012-3156 (Unspecified vulnerability in the MySQL Server component in 
Oracle ...)
-       - mysql-5.5 <unfixed> (bug #690778)
+       - mysql-5.5 5.5.28+dfsg-1 (bug #690778)
 CVE-2012-3155 (Unspecified vulnerability in the CORBA ORB component in Sun 
GlassFish ...)
        NOT-FOR-US: GlassFish Server
 CVE-2012-3154 (Unspecified vulnerability in the Oracle Agile PLM Framework 
component ...)
@@ -6417,19 +6416,19 @@
        NOT-FOR-US: Oracle Database Server
 CVE-2012-3150 (Unspecified vulnerability in the MySQL Server component in 
Oracle ...)
        - mysql-5.1 <removed>
-       - mysql-5.5 <unfixed> (bug #690778)
+       - mysql-5.5 5.5.28+dfsg-1 (bug #690778)
 CVE-2012-3149 (Unspecified vulnerability in the MySQL Server component in 
Oracle ...)
-       - mysql-5.5 <unfixed> (bug #690778)
+       - mysql-5.5 5.5.28+dfsg-1 (bug #690778)
 CVE-2012-3148 (Unspecified vulnerability in the Oracle Field Service component 
in ...)
        NOT-FOR-US: Oracle E-Business Suite
 CVE-2012-3147 (Unspecified vulnerability in the MySQL Server component in 
Oracle ...)
-       - mysql-5.5 <unfixed> (bug #690778)
+       - mysql-5.5 5.5.28+dfsg-1 (bug #690778)
 CVE-2012-3146 (Unspecified vulnerability in the Core RDBMS component in Oracle 
...)
        NOT-FOR-US: Oracle Database Server
 CVE-2012-3145 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking 
...)
        NOT-FOR-US: Oracle Financial Services Software
 CVE-2012-3144 (Unspecified vulnerability in the MySQL Server component in 
Oracle ...)
-       - mysql-5.5 <unfixed> (bug #690778)
+       - mysql-5.5 5.5.28+dfsg-1 (bug #690778)
 CVE-2012-3143 (Unspecified vulnerability in the Java Runtime Environment (JRE) 
...)
        - openjdk-6 <unfixed> (bug #690774)
        - openjdk-7 <unfixed> (bug #690774)
@@ -9014,7 +9013,7 @@
 CVE-2012-2113 (Multiple integer overflows in tiff2pdf in libtiff before 4.0.2 
allow ...)
        {DSA-2552-1}
        - tiff 4.0.2-1 (bug #678140)
-       - tiff3 <unfixed>
+       - tiff3 <not-affected> (The tiff-tools package is only built from the 
tiff source package)
 CVE-2012-2112 (Cross-site scripting (XSS) vulnerability in the Exception 
Handler in ...)
        {DSA-2455-1}
        - typo3-src 4.5.15+dfsg1-1 (bug #669158)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r20412 - data/CVE

Reply via email to