[Secure-testing-commits] r17808 - data/CVE
Michael Gilbert
gilbert-guest at alioth.debian.org
Fri Dec 16 23:13:42 UTC 2011
Author: gilbert-guest
Date: 2011-12-16 23:13:42 +0000 (Fri, 16 Dec 2011)
New Revision: 17808
Modified:
data/CVE/list
Log:
xorg updates
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2011-12-16 21:14:23 UTC (rev 17807)
+++ data/CVE/list 2011-12-16 23:13:42 UTC (rev 17808)
@@ -917,8 +917,14 @@
RESERVED
CVE-2011-4613 [X launcher permission bypass]
RESERVED
- - xorg <unfixed> (bug #652249)
+ - xorg 1:7.6+10 (low; bug #652249)
+ [squeeze] - xorg <no-dsa> (an exposure that needs to be combined with other vulnerabilities to have any impact)
[lenny] - xorg <not-affected> (Introduced in 1:7.4~4)
+CVE-2011-XXXX [X launcher doesn't drop group privileges]
+ - xorg 1:7.6+10 (low)
+ [squeeze] - xorg <no-dsa> (potential privilege handling weakness, no known attack vector)
+ [lenny] - xorg <no-dsa> (potential privilege handling weakness, no known attack vector)
+ NOTE: http://anonscm.debian.org/gitweb/?p=pkg-xorg/debian/xorg.git;a=commitdiff;h=e81b3943be75ca6674867fc7756905490e979522
CVE-2011-4612
RESERVED
CVE-2011-4611
More information about the Secure-testing-commits
mailing list