[Secure-testing-commits] r17651 - in data: . CVE

[Moritz Muehlenhoff]

Author: jmm
Date: 2011-11-21 17:43:16 +0000 (Mon, 21 Nov 2011)
New Revision: 17651

Modified:
   data/CVE/list
   data/spu-candidates.txt
Log:
gnash CVEfied, no-dsa
loggerhead no-dsa




Modified: data/CVE/list
===================================================================
--- data/CVE/list	2011-11-21 17:35:02 UTC (rev 17650)
+++ data/CVE/list	2011-11-21 17:43:16 UTC (rev 17651)
@@ -1,8 +1,6 @@
 CVE-2011-XXXX [busybox integer overflow]
 	- busybox <unfixed> (bug #635370)
 	NOTE: not sure if this has a security impact, but its something that should be corrected
-CVE-2011-XXXX [gnash cookie infoleak]
-	- gnash <unfixed> (low; bug #649384)
 CVE-2011-4464
 	RESERVED
 CVE-2011-4463
@@ -317,8 +315,10 @@
 	RESERVED
 CVE-2011-4329
 	RESERVED
-CVE-2011-4328
+CVE-2011-4328 [gnash cookie infoleak]
 	RESERVED
+	- gnash <unfixed> (low; bug #649384)
+	[squeeze] - gnash <no-dsa> (Minor issue)
 CVE-2011-4327
 	RESERVED
 CVE-2011-4326
@@ -10776,7 +10776,8 @@
 CVE-2011-0729 (dbus_backend/ls-dbus-backend in the D-Bus backend in language-selector ...)
 	NOT-FOR-US: Ubuntu-specific language-selector package
 CVE-2011-0728 (Cross-site scripting (XSS) vulnerability in templatefunctions.py in ...)
-	- loggerhead 1.18.1-1
+	- loggerhead 1.18.1-1 (low)
+	[squeeze] - loggerhead <no-dsa> (Minor issue)
 CVE-2011-0727 (GNOME Display Manager (gdm) 2.x before 2.32.1 allows local users to ...)
 	{DSA-2205-1}
 	- gdm3 2.30.5-9

Modified: data/spu-candidates.txt
===================================================================
--- data/spu-candidates.txt	2011-11-21 17:35:02 UTC (rev 17650)
+++ data/spu-candidates.txt	2011-11-21 17:43:16 UTC (rev 17651)
@@ -52,6 +52,11 @@
 
 --
 
+gnash (CVE-2011-4328)
+#649384
+
+--
+
 hammerhead (CVE-2011-3204)
 #639890
 waiting unstable
@@ -68,6 +73,10 @@
 
 --
 
+loggerhead (CVE-2011-0728)
+
+--
+
 mutt (CVE-2011-1429)
 #619216