[Secure-testing-commits] r19079 - in data: . CVE
Moritz Muehlenhoff
jmm at alioth.debian.org
Thu Apr 26 15:13:15 UTC 2012
Author: jmm
Date: 2012-04-26 15:13:15 +0000 (Thu, 26 Apr 2012)
New Revision: 19079
Modified:
data/CVE/list
data/spu-candidates.txt
Log:
asterisk fixed
jetty fixed
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-04-25 23:49:54 UTC (rev 19078)
+++ data/CVE/list 2012-04-26 15:13:15 UTC (rev 19079)
@@ -1,10 +1,10 @@
CVE-2012-2416 [http://downloads.asterisk.org/pub/security/AST-2012-006.html]
- - asterisk <unfixed> (bug #670180)
+ - asterisk 1:1.8.11.1~dfsg-1 (bug #670180)
[squeeze] - asterisk <not-affected> (Vulnerable code not present)
CVE-2012-2415
- - asterisk <unfixed> (bug #670180)
+ - asterisk 1:1.8.11.1~dfsg-1 (bug #670180)
CVE-2012-2414
- - asterisk <unfixed> (bug #670180)
+ - asterisk 1:1.8.11.1~dfsg-1 (bug #670180)
CVE-2012-2398 (Cross-site scripting (XSS) vulnerability in files/ajax/download.php in ...)
NOT-FOR-US: ownCloud
CVE-2012-2397 (Cross-site request forgery (CSRF) vulnerability in ownCloud 3.0.2 ...)
@@ -7442,7 +7442,8 @@
CVE-2011-4462 (Plone 4.1.3 and earlier computes hash values for form parameters ...)
- plone3 <removed>
CVE-2011-4461 (Jetty 8.1.0.RC2 and earlier computes hash values for form parameters ...)
- - jetty <unfixed>
+ - jetty 6.1.26-1
+ [squeeze] - jetty <no-dsa> (Minor issue)
CVE-2011-4460
RESERVED
CVE-2011-4459
Modified: data/spu-candidates.txt
===================================================================
--- data/spu-candidates.txt 2012-04-25 23:49:54 UTC (rev 19078)
+++ data/spu-candidates.txt 2012-04-26 15:13:15 UTC (rev 19079)
@@ -153,6 +153,11 @@
--
+jetty (CVE-2011-4461)
+Fixed in 6.1.26
+
+--
+
kdeutils (CVE-2011-2725)
#635541
maintainers notified in bug log
More information about the Secure-testing-commits
mailing list