[Secure-testing-commits] r19000 - in data: . CVE

Wed Apr 18 14:40:27 UTC 2012

Author: jmm
Date: 2012-04-18 14:40:27 +0000 (Wed, 18 Apr 2012)
New Revision: 19000

Modified:
   data/CVE/list
   data/spu-candidates.txt
Log:
zendframework fixed
jruby fixed


Modified: data/CVE/list
===================================================================

--- data/CVE/list	2012-04-18 09:14:41 UTC (rev 18999)
+++ data/CVE/list	2012-04-18 14:40:27 UTC (rev 19000)
@@ -14663,8 +14663,8 @@
 	[squeeze] - phpmyadmin <no-dsa> (may be bundled with future issues)
 CVE-2011-1939
 	RESERVED
-	- zendframework <unfixed>
-	TODO: check
+	- zendframework 1.11.6-1 (low)
+	[squeeze] - zendframework <no-dsa> (Minor issue)
 CVE-2011-1938 (Stack-based buffer overflow in the socket_connect function in ...)
 	{DSA-2399-1}
 	- php5 5.3.6-13 (low)
@@ -30031,8 +30031,7 @@
 	NOT-FOR-US: Heartlogic HL-SiteManager
 CVE-2010-1330
 	RESERVED
-	- jruby <undetermined>
-	TODO: check
+	- jruby 1.5.0~rc1-1
 CVE-2010-1329 (Imperva SecureSphere Web Application Firewall and Database Firewall ...)
 	NOT-FOR-US: Imperva SecureSphere Web Application Firewall and Database Firewall
 CVE-2010-1328 (Multiple cross-site scripting (XSS) vulnerabilities in TornadoStore ...)

Modified: data/spu-candidates.txt
===================================================================
--- data/spu-candidates.txt	2012-04-18 09:14:41 UTC (rev 18999)
+++ data/spu-candidates.txt	2012-04-18 14:40:27 UTC (rev 19000)
@@ -368,6 +368,11 @@
 
 --
 
+zendframework (CVE-2011-1939)
+http://framework.zend.com/security/advisory/ZF2011-02
+
+--
+
 nss (CVE-2011-XXXX)
 https://bugzilla.mozilla.org/show_bug.cgi?id=641052
 


