[Secure-testing-commits] r18876 - data/CVE
Moritz Muehlenhoff
jmm at alioth.debian.org
Sun Apr 8 09:12:57 UTC 2012
Author: jmm
Date: 2012-04-08 09:12:54 +0000 (Sun, 08 Apr 2012)
New Revision: 18876
Modified:
data/CVE/list
Log:
tremulous no-dsa
kernel updates
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-04-08 08:46:07 UTC (rev 18875)
+++ data/CVE/list 2012-04-08 09:12:54 UTC (rev 18876)
@@ -770,7 +770,7 @@
CVE-2012-1837 (The (1) webreports, (2) post/create-role, and (3) post/update-role ...)
NOT-FOR-US: Tivoli
CVE-2012-1836 (Heap-based buffer overflow in dns.cpp in InspIRCd 2.0.5 might allow ...)
- - inspircd 2.0.5-0.1
+ - inspircd 2.0.5-0.1 (bug #667914)
CVE-2012-1835
RESERVED
CVE-2012-1834
@@ -5167,6 +5167,7 @@
- openarena 0.8.5-6 (medium; bug #665656)
- ioquake3 <not-affected> (fixed before upload)
- tremulous 1.1.0-8 (bug #665842)
+ [squeeze] - tremulous <no-dsa> (Contrib not supported)
CVE-2010-5076
RESERVED
CVE-2009-5108
@@ -17144,7 +17145,10 @@
CVE-2011-1019
RESERVED
[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.32)
- - linux-2.6 2.6.38-1
+ - linux-2.6 2.6.38-1 (unimportant)
+ NOTE: We won't fix this for Squeeze. This only applies to non-standard setups with fine
+ NOTE: grained security capability models, and an attacker can only load modules from
+ NOTE: /lib/modules, which is only writable with root privs
CVE-2011-1018 (logwatch.pl in Logwatch 7.3.6 allows remote attackers to execute ...)
{DSA-2182-1}
- logwatch 7.3.6.cvs20090906-2 (bug #615995)
@@ -18734,8 +18738,8 @@
CVE-2011-0464 (Unspecified vulnerability in Novell Vibe OnPrem 3.0 before Hot Patch 1 ...)
NOT-FOR-US: Novell Vibe OnPrem
CVE-2011-0463 (The ocfs2_prepare_page_for_write function in fs/ocfs2/aops.c in the ...)
- - linux-2.6 <unfixed>
- TODO: check
+ - linux-2.6 2.6.39-1
+ [squeeze] - linux-2.6 2.6.32-34
CVE-2011-0462 (Multiple cross-site scripting (XSS) vulnerabilities in the login page ...)
NOT-FOR-US: openSUSE Build Service
CVE-2011-0461 (/etc/init.d/boot.localfs in the aaa_base package before 11.2-43.48.1 ...)
More information about the Secure-testing-commits
mailing list