[Secure-testing-commits] r20064 - data/CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Fri Aug 31 10:13:16 UTC 2012 

Author: jmm
Date: 2012-08-31 10:13:16 +0000 (Fri, 31 Aug 2012)
New Revision: 20064

Modified:
   data/CVE/list
Log:
new chromium issues


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-08-31 09:09:11 UTC (rev 20063)
+++ data/CVE/list	2012-08-31 10:13:16 UTC (rev 20064)
@@ -4277,20 +4277,28 @@
 	RESERVED
 CVE-2012-2872
 	RESERVED
+	- chromium-browser <unfixed>
 CVE-2012-2871
 	RESERVED
+	- chromium-browser <unfixed>
 CVE-2012-2870
 	RESERVED
+	- chromium-browser <unfixed>
 CVE-2012-2869
 	RESERVED
+	- chromium-browser <unfixed>
 CVE-2012-2868
 	RESERVED
+	- chromium-browser <unfixed>
 CVE-2012-2867
 	RESERVED
+	- chromium-browser <unfixed>
 CVE-2012-2866
 	RESERVED
+	- chromium-browser <unfixed>
 CVE-2012-2865
 	RESERVED
+	- chromium-browser <unfixed>
 CVE-2012-2864 (Mesa, as used in Google Chrome before 21.0.1183.0 on the Acer AC700, ...)
 	- mesa 8.0.4-2 (bug #685667)
 	[squeeze] - mesa <not-affected> (Vulnerable code not present)
@@ -10034,9 +10042,8 @@
 	NOT-FOR-US: Oracle SPARC Enterprise M Series Servers XCP 1110
 CVE-2012-0547
 	RESERVED
-	- openjdk-7 <unfixed>
-	- openjdk-6 <unfixed>
-	TODO: check
+	- openjdk-7 <unfixed> (low)
+	- openjdk-6 <unfixed> (low)
 CVE-2012-0546 (Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking ...)
 	NOT-FOR-US: Oracle Financial Services Software
 CVE-2012-0545 (Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking ...)
@@ -12361,7 +12368,7 @@
 	NOTE: http://vcs.openttd.org/svn/changeset/23764
 	NOTE: http://security.openttd.org/en/CVE-2012-0049
 CVE-2012-0048 (OpenTTD 0.3.5 through 1.1.4 allows remote attackers to cause a denial ...)
-	TODO: contacted MITRE, seems like a typo
+	TODO: contacted MITRE, will be rejected
 CVE-2012-0047 (Cross-site scripting (XSS) vulnerability in Apache Wicket 1.4.x before ...)
 	NOT-FOR-US: Apache Wicket
 CVE-2012-0046 [mediawiki info leak]

More information about the Secure-testing-commits mailing list