[Secure-testing-commits] r17865 - data/CVE

Joey Hess joeyh at alioth.debian.org
Sat Dec 24 09:14:25 UTC 2011


Author: joeyh
Date: 2011-12-24 09:14:25 +0000 (Sat, 24 Dec 2011)
New Revision: 17865

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2011-12-23 21:58:29 UTC (rev 17864)
+++ data/CVE/list	2011-12-24 09:14:25 UTC (rev 17865)
@@ -1,3 +1,147 @@
+CVE-2012-0264
+	RESERVED
+CVE-2012-0263
+	RESERVED
+CVE-2012-0262
+	RESERVED
+CVE-2012-0261
+	RESERVED
+CVE-2012-0260
+	RESERVED
+CVE-2012-0259
+	RESERVED
+CVE-2012-0258
+	RESERVED
+CVE-2012-0257
+	RESERVED
+CVE-2012-0256
+	RESERVED
+CVE-2012-0255
+	RESERVED
+CVE-2012-0254
+	RESERVED
+CVE-2012-0253
+	RESERVED
+CVE-2012-0252
+	RESERVED
+CVE-2012-0251
+	RESERVED
+CVE-2012-0250
+	RESERVED
+CVE-2012-0249
+	RESERVED
+CVE-2012-0248
+	RESERVED
+CVE-2012-0247
+	RESERVED
+CVE-2012-0246
+	RESERVED
+CVE-2012-0245
+	RESERVED
+CVE-2012-0244
+	RESERVED
+CVE-2012-0243
+	RESERVED
+CVE-2012-0242
+	RESERVED
+CVE-2012-0241
+	RESERVED
+CVE-2012-0240
+	RESERVED
+CVE-2012-0239
+	RESERVED
+CVE-2012-0238
+	RESERVED
+CVE-2012-0237
+	RESERVED
+CVE-2012-0236
+	RESERVED
+CVE-2012-0235
+	RESERVED
+CVE-2012-0234
+	RESERVED
+CVE-2012-0233
+	RESERVED
+CVE-2012-0232
+	RESERVED
+CVE-2012-0231
+	RESERVED
+CVE-2012-0230
+	RESERVED
+CVE-2012-0229
+	RESERVED
+CVE-2012-0228
+	RESERVED
+CVE-2012-0227
+	RESERVED
+CVE-2012-0226
+	RESERVED
+CVE-2012-0225
+	RESERVED
+CVE-2012-0224
+	RESERVED
+CVE-2012-0223
+	RESERVED
+CVE-2012-0222
+	RESERVED
+CVE-2012-0221
+	RESERVED
+CVE-2011-4897 (Tor before 0.2.2.25-alpha, when configured as a relay without the ...)
+	TODO: check
+CVE-2011-4896 (Tor before 0.2.2.24-alpha continues to use a reachable bridge that was ...)
+	TODO: check
+CVE-2011-4895 (Tor before 0.2.2.34, when configured as a bridge, sets up circuits ...)
+	TODO: check
+CVE-2011-4894 (Tor before 0.2.2.34, when configured as a bridge, uses direct DirPort ...)
+	TODO: check
+CVE-2011-4893
+	RESERVED
+CVE-2011-4892
+	RESERVED
+CVE-2011-4891
+	RESERVED
+CVE-2011-4890
+	RESERVED
+CVE-2011-4889
+	RESERVED
+CVE-2011-4888
+	RESERVED
+CVE-2011-4887
+	RESERVED
+CVE-2011-4886
+	RESERVED
+CVE-2011-4885
+	RESERVED
+CVE-2011-4884
+	RESERVED
+CVE-2011-4883
+	RESERVED
+CVE-2011-4882
+	RESERVED
+CVE-2011-4881
+	RESERVED
+CVE-2011-4880
+	RESERVED
+CVE-2011-4879
+	RESERVED
+CVE-2011-4878
+	RESERVED
+CVE-2011-4877
+	RESERVED
+CVE-2011-4876
+	RESERVED
+CVE-2011-4875
+	RESERVED
+CVE-2011-4874
+	RESERVED
+CVE-2011-4873
+	RESERVED
+CVE-2011-4872
+	RESERVED
+CVE-2011-4871
+	RESERVED
+CVE-2011-4870
+	RESERVED
 CVE-2011-4869 (validator/val_nsec3.c in Unbound before 1.4.13p2 does not properly ...)
 	{DSA-2370-1}
 	- unbound 1.4.14-1 (medium)
@@ -433,16 +577,14 @@
 	RESERVED
 CVE-2011-4783
 	RESERVED
-CVE-2011-4782
-	RESERVED
+CVE-2011-4782 (Cross-site scripting (XSS) vulnerability in ...)
 	- phpmyadmin 4:3.4.9-1
 CVE-2011-4781
 	RESERVED
-CVE-2011-4780
-	RESERVED
+CVE-2011-4780 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
 	- phpmyadmin 4:3.4.9-1
 CVE-2011-4779
-	RESERVED
+	REJECTED
 CVE-2011-4778
 	RESERVED
 CVE-2011-4777 (Cross-site scripting (XSS) vulnerability in the Site Editor (aka ...)
@@ -964,8 +1106,7 @@
 	RESERVED
 CVE-2011-4635
 	RESERVED
-CVE-2011-4634 [PMASA-2011-18 xss]
-	RESERVED
+CVE-2011-4634 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin ...)
 	- phpmyadmin 4:3.4.8-1 (low)
 	[squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
 	[lenny] - phpmyadmin <not-affected> (Vulnerable code not present)
@@ -987,6 +1128,7 @@
 	RESERVED
 CVE-2011-4625 [simplesamlphp xml encryption issues]
 	RESERVED
+	{DSA-2330-1}
 	- simplesamlphp 1.8.1-1
 CVE-2011-4624
 	RESERVED
@@ -1438,8 +1580,8 @@
 	RESERVED
 CVE-2011-4454
 	RESERVED
-CVE-2011-4453
-	RESERVED
+CVE-2011-4453 (The PageListSort function in scripts/pagelist.php in PmWiki 2.x before ...)
+	TODO: check
 CVE-2011-4452
 	RESERVED
 CVE-2011-4451
@@ -2260,8 +2402,8 @@
 	RESERVED
 CVE-2011-4204
 	RESERVED
-CVE-2011-4203
-	RESERVED
+CVE-2011-4203 (CRLF injection vulnerability in calendar/set.php in the Calendar ...)
+	TODO: check
 CVE-2011-4202 (The Tadasoft Restorepoint 3.2 evaluation image uses weak permissions ...)
 	NOT-FOR-US: Tadasoft Restorepoint
 CVE-2011-4201 (remote_support.cgi in the Tadasoft Restorepoint 3.2 evaluation image ...)
@@ -2704,8 +2846,8 @@
 	RESERVED
 CVE-2011-4038
 	RESERVED
-CVE-2011-4037
-	RESERVED
+CVE-2011-4037 (Buffer overflow in Sielco Sistemi Winlog PRO before 2.07.09 and Winlog ...)
+	TODO: check
 CVE-2011-4036 (Directory traversal vulnerability in Schneider Electric Vijeo ...)
 	NOT-FOR-US: Schneider Electric Vijeo
 CVE-2011-4035 (Cross-site scripting (XSS) vulnerability in Schneider Electric Vijeo ...)
@@ -3010,8 +3152,8 @@
 	NOT-FOR-US: D-Link device
 CVE-2011-3991 (Untrusted search path vulnerability in FFFTP 1.98a and earlier allows ...)
 	NOT-FOR-US: FFFTP
-CVE-2011-3990
-	RESERVED
+CVE-2011-3990 (Cross-site scripting (XSS) vulnerability in plugin/comment.inc.php in ...)
+	TODO: check
 CVE-2011-3989 (SQL injection vulnerability in DBD::mysqlPP 0.04 and earlier allows ...)
 	NOT-FOR-US: DBD::mysqlPP Perl module
 CVE-2011-3988 (SQL injection vulnerability in data/class/SC_Query.php in EC-CUBE ...)
@@ -3787,21 +3929,17 @@
 	RESERVED
 CVE-2011-3667
 	RESERVED
-CVE-2011-3666
-	RESERVED
+CVE-2011-3666 (Mozilla Firefox before 3.6.25 and Thunderbird before 3.1.17 on Mac OS ...)
 	- iceweasel <not-affected> (MacOS specific)
-CVE-2011-3665
-	RESERVED
+CVE-2011-3665 (Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and ...)
 	- xulrunner <not-affected> (Only affects Firefox >= 4)
 	- iceweasel 9.0-1
 	[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
 	[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
 	- iceape <not-affected> (Only affects Firefox >= 4)
-CVE-2011-3664
-	RESERVED
+CVE-2011-3664 (Mozilla Firefox before 9.0, Thunderbird before 9.0, and SeaMonkey ...)
 	- iceweasel <not-affected> (MacOS specific)
-CVE-2011-3663
-	RESERVED
+CVE-2011-3663 (Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and ...)
 	- xulrunner <not-affected> (Only affects Firefox >= 4)
 	- iceweasel 9.0-1
 	[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
@@ -3809,19 +3947,17 @@
 	- iceape <not-affected> (Only affects Firefox >= 4)
 CVE-2011-3662
 	RESERVED
-CVE-2011-3661
-	RESERVED
+CVE-2011-3661 (YARR, as used in Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 ...)
 	- xulrunner <not-affected> (Only affects Firefox >= 4)
 	- iceweasel 9.0-1
 	[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
 	[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
 	- iceape <not-affected> (Only affects Firefox >= 4)
-CVE-2011-3660
-	RESERVED
+CVE-2011-3660 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+	TODO: check
 CVE-2011-3659
 	RESERVED
-CVE-2011-3658
-	RESERVED
+CVE-2011-3658 (The SVG implementation in Mozilla Firefox 8.0, Thunderbird 8.0, and ...)
 	- xulrunner <not-affected> (Only affects Firefox >= 8)
 	- iceweasel 9.0-1
 	[lenny] - iceweasel <not-affected> (Only affects Firefox >= 8)
@@ -6493,8 +6629,7 @@
 	NOT-FOR-US: Chyrp
 CVE-2011-2779 (Windows Event Log SmartConnector in HP ArcSight Connector Appliance ...)
 	NOT-FOR-US: HP ArcSight Connector Appliance
-CVE-2011-2778
-	RESERVED
+CVE-2011-2778 (Multiple heap-based buffer overflows in Tor before 0.2.2.35 allow ...)
 	{DSA-2363-1}
 	- tor 0.2.2.35-1
 CVE-2011-2777
@@ -6526,12 +6661,10 @@
 CVE-2011-2770 (Cross-site scripting (XSS) vulnerability in man2html.cgi.c in man2html ...)
 	{DSA-2335-1}
 	- man2html 1.6g-6
-CVE-2011-2769
-	RESERVED
+CVE-2011-2769 (Tor before 0.2.2.34, when configured as a bridge, accepts the CREATE ...)
 	{DSA-2331-1}
 	- tor 0.2.2.34-1
-CVE-2011-2768
-	RESERVED
+CVE-2011-2768 (Tor before 0.2.2.34, when configured as a client or bridge, sends a ...)
 	{DSA-2331-1}
 	- tor 0.2.2.34-1
 CVE-2011-2767




More information about the Secure-testing-commits mailing list