[Secure-testing-commits] r19925 - data/CVE
Moritz Muehlenhoff
jmm at alioth.debian.org
Fri Aug 10 10:40:42 UTC 2012
Author: jmm
Date: 2012-08-10 10:40:42 +0000 (Fri, 10 Aug 2012)
New Revision: 19925
Modified:
data/CVE/list
Log:
various bitcoin issues (all resolved in sid)
new sudo issue RHEL-specific
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-08-10 07:47:03 UTC (rev 19924)
+++ data/CVE/list 2012-08-10 10:40:42 UTC (rev 19925)
@@ -481,7 +481,7 @@
CVE-2012-4005 (The NHN Japan NAVER LINE application before 2.5.5 for Android does not ...)
NOT-FOR-US: NHN Japan NAVER LINE
CVE-2012-4004 (Cross-site scripting (XSS) vulnerability in the Sleipnir Mobile ...)
- TODO: check
+ NOT-FOR-US: Sleipnir Mobile
CVE-2012-4003
RESERVED
- glpi 0.83.31-1 (unimportant)
@@ -948,7 +948,7 @@
CVE-2011-5095 (The Diffie-Hellman key-exchange implementation in OpenSSL 0.9.8, when ...)
- openssl <unfixed>
CVE-2012-3789 (Unspecified vulnerability in bitcoind and Bitcoin-Qt before 0.4.7rc3, ...)
- TODO: check
+ - bitcoin 0.5.0~rc1-1
CVE-2012-3788
RESERVED
CVE-2012-3787
@@ -1685,7 +1685,7 @@
RESERVED
- icinga <not-affected> (Debian uses dbconfig, which does the right thing, bug #683320)
CVE-2012-3440 (A certain Red Hat script for sudo 1.7.2 on Red Hat Enterprise Linux ...)
- TODO: check
+ - sudo <not-affected> (Red Hat-specific postinst script)
CVE-2012-3439
RESERVED
CVE-2012-3438 (The Magick_png_malloc function in coders/png.c in GraphicsMagick ...)
@@ -2028,7 +2028,7 @@
CVE-2012-3343 (Cross-site request forgery (CSRF) vulnerability in Microdasys before ...)
NOT-FOR-US: Microdasys
CVE-2010-5141 (wxBitcoin and bitcoind before 0.3.5 do not properly handle script ...)
- TODO: check
+ - bitcoin <not-affected> (Fixed before initial release)
CVE-2012-3342
RESERVED
CVE-2012-3341
@@ -2838,13 +2838,13 @@
RESERVED
- hadoop <itp> (bug #535861)
CVE-2010-5140 (wxBitcoin and bitcoind before 0.3.13 do not properly handle bitcoins ...)
- TODO: check
+ - bitcoin <not-affected> (Fixed before initial release)
CVE-2010-5139 (Integer overflow in wxBitcoin and bitcoind before 0.3.11 allows remote ...)
- TODO: check
+ - bitcoin <not-affected> (Fixed before initial release)
CVE-2010-5138 (wxBitcoin and bitcoind 0.3.x allow remote attackers to cause a denial ...)
- TODO: check
+ - bitcoin 0.4.0-1
CVE-2010-5137 (wxBitcoin and bitcoind before 0.3.5 allow remote attackers to cause a ...)
- TODO: check
+ - bitcoin <not-affected> (Fixed before initial release)
CVE-2012-2944 (Buffer overflow in the addchar function in common/parseconf.c in upsd ...)
{DSA-2484-1}
- nut 2.6.4-1
More information about the Secure-testing-commits
mailing list