[Secure-testing-commits] r17864 - in data: . CVE DSA

[Moritz Muehlenhoff]

Author: jmm
Date: 2011-12-23 21:58:29 +0000 (Fri, 23 Dec 2011)
New Revision: 17864

Modified:
   data/CVE/list
   data/DSA/list
   data/next-point-update.txt
   data/spu-candidates.txt
Log:
simplesamlphp CVEfied


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2011-12-23 20:37:02 UTC (rev 17863)
+++ data/CVE/list	2011-12-23 21:58:29 UTC (rev 17864)
@@ -985,8 +985,9 @@
 	RESERVED
 CVE-2011-4626
 	RESERVED
-CVE-2011-4625
+CVE-2011-4625 [simplesamlphp xml encryption issues]
 	RESERVED
+	- simplesamlphp 1.8.1-1
 CVE-2011-4624
 	RESERVED
 CVE-2011-4623
@@ -2275,9 +2276,6 @@
 	RESERVED
 CVE-2011-XXXX [backuppc xss issue]
 	- backuppc <unfixed> (bug #646865)
-CVE-2011-XXXX [simplesamlphp xml encryption issues]
-	- simplesamlphp 1.8.1-1
-	NOTE: fixed in DSA 2330-1
 CVE-2011-XXXX [spip privilege escalation]
 	- spip 2.1.12-1 (bug #649113)
 	[squeeze] - spip 2.1.1-3squeeze2

Modified: data/DSA/list
===================================================================
--- data/DSA/list	2011-12-23 20:37:02 UTC (rev 17863)
+++ data/DSA/list	2011-12-23 21:58:29 UTC (rev 17864)
@@ -142,6 +142,7 @@
 	[squeeze] - tor 0.2.1.31-1
 	[lenny] - tor 0.2.1.31-1~lenny+1
 [27 Oct 2011] DSA-2330-1 simplesamlphp - several
+	{CVE-2011-4625}
 	[squeeze] - simplesamlphp 1.6.3-2
 [27 Oct 2011] DSA-2329-1 torque - buffer overflow
 	{CVE-2011-2193}

Modified: data/next-point-update.txt
===================================================================
--- data/next-point-update.txt	2011-12-23 20:37:02 UTC (rev 17863)
+++ data/next-point-update.txt	2011-12-23 21:58:29 UTC (rev 17864)
@@ -1,4 +1,4 @@
-CVE-2011-XXXX [unsafe use of eval]
+CVE-2011-3597 [unsafe use of eval]
 	- libdigest-perl 1.16-1+squeeze1
 CVE-2011-3369 
 	[squeeze] - etherape 0.9.8-1+squeeze1
@@ -39,11 +39,3 @@
 	[squeeze] - eglibc 2.11.3-2
 
 
-
-
-
-
-
-
-
-

Modified: data/spu-candidates.txt
===================================================================
--- data/spu-candidates.txt	2011-12-23 20:37:02 UTC (rev 17863)
+++ data/spu-candidates.txt	2011-12-23 21:58:29 UTC (rev 17864)
@@ -9,11 +9,6 @@
 
 --
 
-acpid (CVE-2011-1159)
-https://bugzilla.redhat.com/show_bug.cgi?id=688698
-
---
-
 ax25-tools (CVE-2011-2910)
 #638918
 waiting unstable
@@ -240,11 +235,6 @@
 
 --
 
-stunnel (CVE-2011-XXXX)
-http://www.stunnel.org/?page=sdf_ChangeLog (v4.35)
-
---
-
 system-config-printer (CVE-2011-2899)
 #639243