[Secure-testing-commits] r18829 - data/CVE

Joey Hess joeyh at alioth.debian.org
Wed Apr 4 21:15:21 UTC 2012 

Author: joeyh
Date: 2012-04-04 21:15:20 +0000 (Wed, 04 Apr 2012)
New Revision: 18829

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-04-04 19:59:07 UTC (rev 18828)
+++ data/CVE/list	2012-04-04 21:15:20 UTC (rev 18829)
@@ -1,3 +1,9 @@
+CVE-2012-2055 (GitHub Enterprise before 20120304 does not properly restrict the use ...)
+	TODO: check
+CVE-2012-2054 (Redmine before 1.3.2 does not properly restrict the use of a hash to ...)
+	TODO: check
+CVE-2012-2053 (The sudoers file in the Linux system configuration in F5 FirePass ...)
+	TODO: check
 CVE-2012-XXXX [XSS from 5.0.4 release]
 	- phppgadmin 5.0.4-1
 	[squeeze] - phppgadmin <no-dsa> (Minor issue, will be fixed through a point update)
@@ -147,8 +153,8 @@
 	RESERVED
 CVE-2012-1983
 	RESERVED
-CVE-2012-1982
-	RESERVED
+CVE-2012-1982 (Cross-site scripting (XSS) vulnerability in ...)
+	TODO: check
 CVE-2012-1981
 	RESERVED
 CVE-2012-1980
@@ -542,8 +548,8 @@
 	RESERVED
 CVE-2012-1791
 	RESERVED
-CVE-2012-1777
-	RESERVED
+CVE-2012-1777 (SQL injection vulnerability in my.activation.php3 in F5 FirePass 6.0.0 ...)
+	TODO: check
 CVE-2012-1776 (Multiple heap-based buffer overflows in VideoLAN VLC media player ...)
 	TODO: check
 CVE-2012-1775 (Stack-based buffer overflow in VideoLAN VLC media player before 2.0.1 ...)
@@ -1881,6 +1887,7 @@
 	- systemd 44-1 (bug #664364)
 CVE-2012-1173
 	RESERVED
+	{DSA-2447-1}
 CVE-2012-1172 [PHP 5.3.x Corrupted $_FILES indices lead to security concern]
 	RESERVED
 	- php5 5.4.0-1 (bug #663760)
@@ -4033,8 +4040,8 @@
 	NOT-FOR-US: Cisco Digital Media Manager
 CVE-2012-0328 (Janetter before 3.3.0.0 (aka 3.3.0) allows remote attackers to obtain ...)
 	NOT-FOR-US: Janetter
-CVE-2012-0327
-	RESERVED
+CVE-2012-0327 (Cross-site scripting (XSS) vulnerability in Redmine before 1.3.2 ...)
+	TODO: check
 CVE-2012-0326 (The twicca application 0.7.0 through 0.9.30 for Android does not ...)
 	NOT-FOR-US: twicca application for Android
 CVE-2012-0325 (Cross-site scripting (XSS) vulnerability in CloudBees Jenkins before ...)
@@ -4345,8 +4352,8 @@
 	NOT-FOR-US: Final Draft
 CVE-2011-5001 (Stack-based buffer overflow in the CGenericScheduler::AddTask function ...)
 	NOT-FOR-US: Trend Micro Control Manager
-CVE-2011-5000
-	RESERVED
+CVE-2011-5000 (The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and ...)
+	TODO: check
 CVE-2011-4999
 	RESERVED
 CVE-2011-4998
@@ -5172,8 +5179,8 @@
 	RESERVED
 CVE-2012-0132
 	RESERVED
-CVE-2012-0131
-	RESERVED
+CVE-2012-0131 (Distributed Computing Environment (DCE) 1.8 and 1.9 on HP HP-UX ...)
+	TODO: check
 CVE-2012-0130
 	RESERVED
 CVE-2012-0129
@@ -10724,8 +10731,9 @@
 	- chromium-browser 17.0.963.83~r127885-1
 CVE-2011-3049 (Google Chrome before 17.0.963.83 does not properly restrict the ...)
 	- chromium-browser 17.0.963.83~r127885-1
-CVE-2011-3048 (memory corruption flaw)
+CVE-2011-3048
 	RESERVED
+	{DSA-2446-1}
 	- libpng <unfixed> (bug #667475)
 CVE-2011-3047 (The GPU process in Google Chrome before 17.0.963.79 allows remote ...)
 	- chromium-browser 17.0.963.83~r127885-1

More information about the Secure-testing-commits mailing list