[Secure-testing-commits] r19895 - data/CVE
Moritz Muehlenhoff
jmm at alioth.debian.org
Mon Aug 6 15:22:13 UTC 2012
Author: jmm
Date: 2012-08-06 15:22:12 +0000 (Mon, 06 Aug 2012)
New Revision: 19895
Modified:
data/CVE/list
Log:
record moodle issues alredy fixed, thanks odyx
php5 fixed
consolekit no-dsa
updates on older undetermined issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-08-06 10:01:02 UTC (rev 19894)
+++ data/CVE/list 2012-08-06 15:22:12 UTC (rev 19895)
@@ -1648,7 +1648,7 @@
CVE-2012-3399 (Config/diff.php in Basilic 1.5.14 allows remote attackers to execute ...)
NOT-FOR-US: Basilic
CVE-2012-3398 (Algorithmic complexity vulnerability in Moodle 1.9.x before 1.9.19, ...)
- - moodle <unfixed> (bug #682203)
+ - moodle 2.2.3.dfsg-1 (bug #682203)
[squeeze] - moodle <no-dsa> (Minor issue)
CVE-2012-3397 (lib/modinfolib.php in Moodle 2.0.x before 2.0.10, 2.1.x before 2.1.7, ...)
- moodle 2.2.3.dfsg-2.1 (bug #682203)
@@ -1666,13 +1666,13 @@
- moodle 2.2.3.dfsg-2.1 (bug #682203)
[squeeze] - moodle <not-affected> (Only affects >= 2.1)
CVE-2012-3392 (mod/forum/unsubscribeall.php in Moodle 2.1.x before 2.1.7 and 2.2.x ...)
- - moodle <unfixed> (bug #682203)
+ - moodle 2.2.3.dfsg-1 (bug #682203)
[squeeze] - moodle <not-affected> (Only affects >= 2.1)
CVE-2012-3391 (mod/forum/rsslib.php in Moodle 2.1.x before 2.1.7 and 2.2.x before ...)
- - moodle <unfixed> (bug #682203)
+ - moodle 2.2.3.dfsg-1 (bug #682203)
[squeeze] - moodle <not-affected> (Only affects >= 2.1)
CVE-2012-3390 (lib/filelib.php in Moodle 2.1.x before 2.1.7 and 2.2.x before 2.2.4 ...)
- - moodle <unfixed> (bug #682203)
+ - moodle 2.2.3.dfsg-1 (bug #682203)
[squeeze] - moodle <not-affected> (Only affects >= 2.1)
CVE-2012-3389 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
- moodle 2.2.3.dfsg-2.2 (bug #682203)
@@ -3296,7 +3296,7 @@
CVE-2012-2689
RESERVED
CVE-2012-2688 (Unspecified vulnerability in the _php_stream_scandir function in the ...)
- - php5 <unfixed> (low; bug #683274)
+ - php5 5.4.4-4 (low; bug #683274)
CVE-2012-2687 [apache mod_negotiation XSS]
RESERVED
- apache2 2.2.22-8 (low)
@@ -12148,9 +12148,8 @@
[lenny] - nginx <no-dsa> (Minor issue)
NOTE: http://trac.nginx.org/nginx/changeset/4268/nginx
CVE-2011-4314 (message/ax/AxMessage.java in OpenID4Java before 0.9.6 final, as used ...)
- - openid4java <undetermined>
- - jbossas4 <undetermined>
- NOTE: jbossas4 may contain an embedded copy as it does not depend on openid4java
+ - openid4java 0.9.6.662-1
+ - jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
CVE-2011-4313 (query.c in ISC BIND 9.0.x through 9.6.x, 9.4-ESV through 9.4-ESV-R5, ...)
{DSA-2347-1}
- bind9 1:9.8.1.dfsg.P1-1 (high; bug #649099)
@@ -16110,7 +16109,7 @@
{DSA-2410-1}
- libpng 1.2.46-5 (high; bug #660026)
CVE-2011-3025 (Google Chrome before 17.0.963.56 does not properly parse H.264 data, ...)
- - chromium-browser <undetermined>
+ - chromium-browser 17.0.963.56~r121963-1
- webkit <undetermined>
CVE-2011-3024 (Google Chrome before 17.0.963.56 allows remote attackers to cause a ...)
- chromium-browser 17.0.963.56~r121963-1
@@ -18064,7 +18063,7 @@
CVE-2011-2394
RESERVED
CVE-2011-2393 (The Neighbor Discovery (ND) protocol implementation in the IPv6 stack ...)
- - kfreebsd-7 <undetermined>
+ - kfreebsd-7 <removed>
- kfreebsd-8 <undetermined>
- kfreebsd-9 <undetermined>
- kfreebsd-10 <undetermined>
@@ -24294,7 +24293,8 @@
NOTE: tiff (4) might be affected, it was branched after tiff3 3.8.2 but the tiffdump.c code is completely different so I'm unsure
CVE-2010-4664
RESERVED
- - consolekit 0.4.2-1
+ - consolekit 0.4.2-1 (low)
+ [squeeze] - consolekit <no-dsa> (Minor issue)
CVE-2010-4663 (Unspecified vulnerability in the News module in CMS Made Simple ...)
NOT-FOR-US: CMS Made Simple
CVE-2010-4662
More information about the Secure-testing-commits
mailing list