[Secure-testing-commits] r19917 - data/CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Thu Aug 9 14:53:47 UTC 2012 

Author: jmm
Date: 2012-08-09 14:53:47 +0000 (Thu, 09 Aug 2012)
New Revision: 19917

Modified:
   data/CVE/list
Log:
"new" chef issues (all resolved)
two chrome issues not in chromium
libotr CVEfied
NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-08-09 09:14:23 UTC (rev 19916)
+++ data/CVE/list	2012-08-09 14:53:47 UTC (rev 19917)
@@ -1,7 +1,7 @@
 CVE-2012-4178 (SQL injection vulnerability in spywall/includes/deptUploads_data.php ...)
-	TODO: check
+	NOT-FOR-US: Symantec Web Gateway
 CVE-2012-4177 (The web browser plugin for Ubisoft Uplay PC before 2.0.4 allows remote ...)
-	TODO: check
+	NOT-FOR-US: Ubisoft Uplay PC 
 CVE-2012-4176
 	RESERVED
 CVE-2012-4175
@@ -63,25 +63,23 @@
 CVE-2012-4147
 	RESERVED
 CVE-2011-5098 (chef-server-api/app/controllers/clients.rb in Chef Server in Chef ...)
-	TODO: check
+	- chef 0.10.10-1
 CVE-2011-5097 (chef-server-api/app/controllers/cookbooks.rb in Chef Server in Chef ...)
-	TODO: check
+	- chef 0.10.10-1
 CVE-2010-5142 (chef-server-api/app/controllers/users.rb in the API in Chef before ...)
-	TODO: check
+	- chef 0.10.10-1
 CVE-2012-4146 (Opera before 12.01 allows remote attackers to cause a denial of ...)
-	TODO: check
+	NOT-FOR-US: Opera
 CVE-2012-4145 (Unspecified vulnerability in Opera before 12.01 on Windows and UNIX, ...)
-	TODO: check
+	NOT-FOR-US: Opera
 CVE-2012-4144 (Opera before 12.01 on Windows and UNIX, and before 11.66 and 12.x ...)
-	TODO: check
+	NOT-FOR-US: Opera
 CVE-2012-4143 (Opera before 12.01 on Windows and UNIX, and before 11.66 and 12.x ...)
-	TODO: check
+	NOT-FOR-US: Opera
 CVE-2012-4142 (Opera before 12.01 on Windows and UNIX, and before 11.66 and 12.x ...)
-	TODO: check
+	NOT-FOR-US: Opera
 CVE-2012-XXXX [redeclipse code execution through map files]
 	- redeclipse 1.2-3 (bug #684143)
-CVE-2012-XXXX [base64 buffer overflows]
-	- libotr <unfixed> (bug #684121)
 CVE-2012-XXXX [world-writeable directory]
 	- gpe-tetris <unfixed> (bug #684178)
 CVE-2012-XXXX [local privilege escalation munin to root]
@@ -384,7 +382,7 @@
 CVE-2012-4006
 	RESERVED
 CVE-2012-4005 (The NHN Japan NAVER LINE application before 2.5.5 for Android does not ...)
-	TODO: check
+	NOT-FOR-US: NHN Japan NAVER LINE 
 CVE-2012-4004
 	RESERVED
 CVE-2012-4003
@@ -1514,8 +1512,9 @@
 	RESERVED
 CVE-2012-3462
 	RESERVED
-CVE-2012-3461
+CVE-2012-3461 [base64 buffer overflows]
 	RESERVED
+	- libotr <unfixed> (bug #684121)
 CVE-2012-3460
 	RESERVED
 CVE-2012-3459
@@ -2574,7 +2573,7 @@
 CVE-2012-3021
 	RESERVED
 CVE-2012-3020 (The Siemens Synco OZW Web Server devices OZW672.*, OZW772.*, and ...)
-	TODO: check
+	NOT-FOR-US: Siemens Synco OZW Web Server
 CVE-2012-3019
 	RESERVED
 CVE-2012-3018 (The lockout-recovery feature in the Security Configurator component in ...)
@@ -2911,8 +2910,10 @@
 	RESERVED
 CVE-2012-2863
 	RESERVED
+	- chromium-browser <not-affected> (PDF functionality not present in Chromium)
 CVE-2012-2862
 	RESERVED
+	- chromium-browser <not-affected> (PDF functionality not present in Chromium)
 CVE-2012-2861
 	RESERVED
 CVE-2012-2860 (The date-picker implementation in Google Chrome before 21.0.1180.57 on ...)
@@ -3775,11 +3776,11 @@
 CVE-2012-2501
 	RESERVED
 CVE-2012-2500 (Cisco AnyConnect Secure Mobility Client 3.0 before 3.0.08057 does not ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2012-2499 (The IPsec implementation in Cisco AnyConnect Secure Mobility Client ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2012-2498 (Cisco AnyConnect Secure Mobility Client 3.0 through 3.0.08066 does not ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2012-2497
 	RESERVED
 CVE-2012-2496 (A certain Java applet in the VPN downloader implementation in the ...)
@@ -3795,7 +3796,7 @@
 CVE-2012-2491
 	RESERVED
 CVE-2012-2490 (Cisco IP Communicator 8.6 allows man-in-the-middle attackers to modify ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2012-2489
 	RESERVED
 CVE-2012-2488 (Cisco IOS XR before 4.2.1 on ASR 9000 series devices and CRS series ...)
@@ -3827,17 +3828,17 @@
 CVE-2012-2475
 	RESERVED
 CVE-2012-2474 (Memory leak on Cisco Adaptive Security Appliances (ASA) 5500 series ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2012-2473
 	RESERVED
 CVE-2012-2472 (Cisco Adaptive Security Appliances (ASA) 5500 series devices with ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2012-2471
 	RESERVED
 CVE-2012-2470
 	RESERVED
 CVE-2012-2469 (Cisco NX-OS 4.2, 5.0, 5.1, and 5.2 on Nexus 7000 series switches, when ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2012-2468
 	RESERVED
 CVE-2012-2467
@@ -4664,7 +4665,7 @@
 CVE-2012-2189
 	RESERVED
 CVE-2012-2188 (IBM Power Hardware Management Console (HMC) 7R3.5.0 before SP4, ...)
-	TODO: check
+	NOT-FOR-US: IBM Power Hardware Management Console
 CVE-2012-2187
 	RESERVED
 CVE-2012-2186
@@ -6661,25 +6662,25 @@
 CVE-2012-1371
 	RESERVED
 CVE-2012-1370 (Cisco AnyConnect Secure Mobility Client 3.0 before 3.0.08057 allows ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2012-1369
 	RESERVED
 CVE-2012-1368
 	RESERVED
 CVE-2012-1367 (The MallocLite implementation in Cisco IOS 12.0, 12.2, 15.0, 15.1, and ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2012-1366
 	RESERVED
 CVE-2012-1365 (Cisco Unified Computing System (UCS) 1.4 and 2.0 allows remote ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2012-1364 (Cisco Unified Computing System (UCS) 1.4 and 2.0 allows remote ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2012-1363
 	RESERVED
 CVE-2012-1362
 	RESERVED
 CVE-2012-1361 (Cisco IOS 15.1 and 15.2, when the Multicast Music-on-Hold (MMoH) ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2012-1360
 	RESERVED
 CVE-2012-1359

More information about the Secure-testing-commits mailing list