[Secure-testing-commits] r17408 - in data: CVE DSA

Adam D. Barratt adsb at alioth.debian.org
Tue Oct 11 18:08:18 UTC 2011


Author: adsb
Date: 2011-10-11 18:08:18 +0000 (Tue, 11 Oct 2011)
New Revision: 17408

Modified:
   data/CVE/list
   data/DSA/list
Log:
DSA 2322-1 (bugzilla)

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2011-10-11 10:46:27 UTC (rev 17407)
+++ data/CVE/list	2011-10-11 18:08:18 UTC (rev 17408)
@@ -2849,6 +2849,7 @@
 	- bugzilla <not-affected> (Only affects Bugzilla 4.1, never uploaded to the archive)
 CVE-2011-2978 (Bugzilla 2.16rc1 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before ...)
 	- bugzilla <removed> (low)
+	[squeeze] - bugzilla 3.6.2.0-4.4
 CVE-2011-2977 (Bugzilla 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x ...)
 	- bugzilla <not-affected> (Only affects Bugzilla on Windows)
 CVE-2011-2976 (Cross-site scripting (XSS) vulnerability in Bugzilla 2.16rc1 through ...)
@@ -4443,10 +4444,13 @@
 	RESERVED
 CVE-2011-2381 (CRLF injection vulnerability in Bugzilla 2.17.1 through 2.22.7, 3.0.x ...)
 	- bugzilla <removed> (low)
+	[squeeze] - bugzilla 3.6.2.0-4.4
 CVE-2011-2380 (Bugzilla 2.23.3 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before ...)
 	- bugzilla <removed> (low)
+	[squeeze] - bugzilla 3.6.2.0-4.4
 CVE-2011-2379 (Cross-site scripting (XSS) vulnerability in Bugzilla 2.4 through ...)
 	- bugzilla <removed> (low)
+	[squeeze] - bugzilla 3.6.2.0-4.4
 CVE-2011-2378 (The appendChild function in Mozilla Firefox before 3.6.20, Thunderbird ...)
 	{DSA-2297-1 DSA-2296-1 DSA-2295-1}
 	- icedove 3.1.12-1
@@ -11474,6 +11478,7 @@
 	NOT-FOR-US: Majordomo
 CVE-2011-0048 (Bugzilla before 3.2.10, 3.4.x before 3.4.10, 3.6.x before 3.6.4, and ...)
 	- bugzilla <removed> (bug #611176)
+	[squeeze] - bugzilla 3.6.2.0-4.4
 	NOTE: http://www.bugzilla.org/security/3.2.9/
 CVE-2011-0047 (Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.2 ...)
 	- mediawiki 1:1.15.5-3 (low; bug #611787)
@@ -11481,6 +11486,7 @@
 	[squeeze] - mediawiki 1:1.15.5-2squeeze1 (low; bug #611787)
 CVE-2011-0046 (Multiple cross-site request forgery (CSRF) vulnerabilities in Bugzilla ...)
 	- bugzilla <removed> (bug #611176)
+	[squeeze] - bugzilla 3.6.2.0-4.4
 	NOTE: http://www.bugzilla.org/security/3.2.9/
 CVE-2010-4578 (Google Chrome before 8.0.552.224 and Chrome OS before 8.0.552.343 do ...)
 	{DSA-2188-1}
@@ -11509,6 +11515,7 @@
 	NOT-FOR-US: VMware ESXi
 CVE-2010-4572 (CRLF injection vulnerability in chart.cgi in Bugzilla before 3.2.10, ...)
 	- bugzilla <removed>
+	[squeeze] - bugzilla 3.6.2.0-4.4
 	NOTE: http://www.bugzilla.org/security/3.2.9/
 	NOTE: perl and associate packages are CVE-2010-2761 and CVE-2010-4411 (see above reference)
 CVE-2010-4571
@@ -11519,9 +11526,11 @@
 	- bugzilla <not-affected> (vulnerable code introduced in 3.7)
 CVE-2010-4568 (Bugzilla 2.14 through 2.22.7; 3.0.x, 3.1.x, and 3.2.x before 3.2.10; ...)
 	- bugzilla <removed> (bug #611176)
+	[squeeze] - bugzilla 3.6.2.0-4.4
 	NOTE: http://www.bugzilla.org/security/3.2.9/
 CVE-2010-4567 (Bugzilla before 3.2.10, 3.4.x before 3.4.10, 3.6.x before 3.6.4, and ...)
 	- bugzilla <removed> (high; bug #611176)
+	[squeeze] - bugzilla 3.6.2.0-4.4
 	NOTE: http://www.bugzilla.org/security/3.2.9/
 CVE-2010-4566 (The web authentication form in the NT4 authentication component in ...)
 	NOT-FOR-US: Citrix Acces Gateway

Modified: data/DSA/list
===================================================================
--- data/DSA/list	2011-10-11 10:46:27 UTC (rev 17407)
+++ data/DSA/list	2011-10-11 18:08:18 UTC (rev 17408)
@@ -1,3 +1,6 @@
+[11 Oct 2011] DSA-2322-1 bugzilla - several
+	{CVE-2011-2979 CVE-2010-4567 CVE-2010-4568 CVE-2010-4572 CVE-2011-0046 CVE-2011-0048 CVE-2011-2379 CVE-2011-2380 CVE-2011-2381 CVE-2011-2978}
+	[squeeze] - bugzilla 3.6.2.0-4.4	                                  
 [10 Oct 2011] DSA-2321-1 moin - cross-site scripting
 	{CVE-2011-1058}
 	[squeeze] - moin 1.9.3-1+squeeze1




More information about the Secure-testing-commits mailing list