[Secure-testing-commits] r18931 - data/CVE

Joey Hess joeyh at alioth.debian.org
Thu Apr 12 21:14:43 UTC 2012 

Author: joeyh
Date: 2012-04-12 21:14:42 +0000 (Thu, 12 Apr 2012)
New Revision: 18931

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-04-12 20:05:43 UTC (rev 18930)
+++ data/CVE/list	2012-04-12 21:14:42 UTC (rev 18931)
@@ -1,3 +1,13 @@
+CVE-2012-2230 (Cloudera Manager 3.7.x before 3.7.5 and Service and Configuration ...)
+	TODO: check
+CVE-2012-2229
+	RESERVED
+CVE-2012-2228
+	RESERVED
+CVE-2012-2227
+	RESERVED
+CVE-2012-2226
+	RESERVED
 CVE-2012-2225 (360zip 1.93beta allows remote attackers to execute arbitrary code via ...)
 	NOT-FOR-US: 360zip
 CVE-2012-2224 (Xunlei Thunder before 7.2.6 allows remote attackers to execute ...)
@@ -1456,8 +1466,8 @@
 	RESERVED
 CVE-2012-1575
 	RESERVED
-CVE-2012-1574
-	RESERVED
+CVE-2012-1574 (The Kerberos/MapReduce security functionality in Apache Hadoop ...)
+	TODO: check
 CVE-2012-1573 (gnutls_cipher.c in libgnutls in GnuTLS before 2.12.17 and 3.x before ...)
 	{DSA-2441-1}
 	- gnutls26 2.12.18-1 (high)
@@ -2298,6 +2308,7 @@
 	- asterisk 1:1.8.10.0~dfsg-1 (bug #664411)
 	NOTE: http://www.openwall.com/lists/oss-security/2012/03/16/10
 CVE-2012-1182 (The RPC code generator in Samba 3.x before 3.4.16, 3.5.x before ...)
+	{DSA-2450-1}
 	- samba 2:3.6.4-1 (bug #668309)
 	- samba4 4.0.0~alpha19+dfsg1-1 (bug #668309)
 CVE-2012-1181 (fcgid_spawn_ctl.c in the mod_fcgid module 2.3.6 for the Apache HTTP ...)
@@ -5653,8 +5664,8 @@
 	RESERVED
 CVE-2012-0134
 	RESERVED
-CVE-2012-0133
-	RESERVED
+CVE-2012-0133 (HP ProCurve 5400 zl switches with certain serial numbers include a ...)
+	TODO: check
 CVE-2012-0132 (Cross-site scripting (XSS) vulnerability in HP Business Availability ...)
 	TODO: check
 CVE-2012-0131 (Distributed Computing Environment (DCE) 1.8 and 1.9 on HP HP-UX ...)
@@ -8988,8 +8999,8 @@
 	- puppet 2.7.3-2
 CVE-2011-3847
 	RESERVED
-CVE-2011-3846
-	RESERVED
+CVE-2011-3846 (Cross-site request forgery (CSRF) vulnerability in HP System ...)
+	TODO: check
 CVE-2011-3845 (Use-after-free vulnerability in Apple Safari 5.1.2, when a plug-in ...)
 	NOT-FOR-US: Apple Safari
 CVE-2011-3844 (Apple Safari 5.0.5 does not properly implement the setInterval ...)

More information about the Secure-testing-commits mailing list