[Secure-testing-commits] r17341 - data/CVE

[Moritz Muehlenhoff]

Author: jmm
Date: 2011-10-01 10:28:59 +0000 (Sat, 01 Oct 2011)
New Revision: 17341

Modified:
   data/CVE/list
Log:
libav fixed
new puppet issue (micah, can you get a CVE ID for the fourth one?)


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2011-09-30 21:14:16 UTC (rev 17340)
+++ data/CVE/list	2011-10-01 10:28:59 UTC (rev 17341)
@@ -1,3 +1,5 @@
+CVE-2011-XXXX [Fix file indirectory injection]
+	- puppet 2.7.3-3
 CVE-2011-3872
 	RESERVED
 CVE-2011-3871
@@ -2,11 +4,13 @@
 	RESERVED
+	- puppet 2.7.3-3
 CVE-2011-3870
 	RESERVED
+	- puppet 2.7.3-3
 CVE-2011-3869
 	RESERVED
+	- puppet 2.7.3-3
 CVE-2011-3868
 	RESERVED
 CVE-2011-3867
 	REJECTED
-	NOTE: Duplicate of CVE-2011-2998, contacted MITRE and oss-sec for revocation
 CVE-2011-3866 (Mozilla Firefox before 7.0 and SeaMonkey before 2.4 do not properly ...)
@@ -778,7 +782,7 @@
 CVE-2011-3505
 	RESERVED
 CVE-2011-3504 (The Matroska format decoder in FFmpeg before 0.8.3 does not properly ...)
-	- libav <unfixed> (bug #643859)
+	- libav 4:0.7.2-1 (bug #643859)
 	- ffmpeg <removed>
 	- ffmpeg-debian <end-of-life>
 CVE-2011-3503 (Untrusted search path vulnerability in eSignal 10.6.2425.1208, and ...)