[Secure-testing-commits] r19927 - data/CVE
Arne Wichmann
aw-guest at alioth.debian.org
Fri Aug 10 20:41:59 UTC 2012
Author: aw-guest
Date: 2012-08-10 20:41:59 +0000 (Fri, 10 Aug 2012)
New Revision: 19927
Modified:
data/CVE/list
Log:
Bugs for CVE-2011-3389, CVE-2011-5095
CVE-2012-0876: python2.7 probably does not use embedded expat copy
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-08-10 13:13:19 UTC (rev 19926)
+++ data/CVE/list 2012-08-10 20:41:59 UTC (rev 19927)
@@ -946,7 +946,8 @@
CVE-2012-3790 (Cross-site scripting (XSS) vulnerability in index.php in Adiscon ...)
NOT-FOR-US: Adiscon LogAnalyzer
CVE-2011-5095 (The Diffie-Hellman key-exchange implementation in OpenSSL 0.9.8, when ...)
- - openssl <unfixed>
+ - openssl <unfixed> (bug #684527)
+ NOTE: seems fixed in testing/unstable
CVE-2012-3789 (Unspecified vulnerability in bitcoind and Bitcoin-Qt before 0.4.7rc3, ...)
- bitcoin 0.5.0~rc1-1
CVE-2012-3788
@@ -7989,6 +7990,7 @@
- expat 2.1.0~beta3-1 (bug #663579)
- python2.6 2.6.8-0.1
- python2.7 <unfixed>
+ NOTE: python2.7 probably does not use embedded expat copy
- python3.1 <unfixed>
- python3.2 <unfixed>
CVE-2012-0875 [systemtap invalid read leading to kernel DoS]
@@ -15272,7 +15274,7 @@
NOTE: strictly speaking this is no lighttpd issue, but lighttpd adds a workaround
- curl 7.24.0-1
NOTE: http://curl.haxx.se/docs/adv_20120124B.html
- - python2.6 2.6.8-0.1
+ - python2.6 2.6.8-0.1 (bug #684511)
- python2.7 2.7.3~rc1-1
- python3.1 <unfixed> (bug #678998)
- python3.2 3.2.3~rc1-1
More information about the Secure-testing-commits
mailing list