[Secure-testing-commits] r20650 - data/CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Wed Dec 12 11:01:33 UTC 2012 

Author: jmm
Date: 2012-12-12 11:01:33 +0000 (Wed, 12 Dec 2012)
New Revision: 20650

Modified:
   data/CVE/list
Log:
NFUs
mysql status updates


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-12-12 09:26:58 UTC (rev 20649)
+++ data/CVE/list	2012-12-12 11:01:33 UTC (rev 20650)
@@ -2364,10 +2364,13 @@
 	RESERVED
 CVE-2012-5678
 	RESERVED
+	NOT-FOR-US: Adobe Flash
 CVE-2012-5677
 	RESERVED
+	NOT-FOR-US: Adobe Flash
 CVE-2012-5676
 	RESERVED
+	NOT-FOR-US: Adobe Flash
 CVE-2012-5675
 	RESERVED
 CVE-2012-5674 (Unspecified vulnerability in Adobe ColdFusion 10 before Update 5, when ...)
@@ -2549,21 +2552,24 @@
 CVE-2012-5616
 	RESERVED
 CVE-2012-5615 (MySQL 5.5.19 and possibly other versions, and MariaDB 5.5.28a, 5.3.11, ...)
-	- mysql-5.1 <unfixed> (bug #695001)
-	- mysql-5.5 <unfixed> (bug #695001)
+	- mysql-5.1 <unfixed> (low; bug #695001)
+	- mysql-5.5 <unfixed> (low; bug #695001)
+	NOTE: https://mariadb.atlassian.net/browse/MDEV-3909
 	NOTE: http://seclists.org/fulldisclosure/2012/Dec/9
 CVE-2012-5614 (MySQL 5.5.19 and possibly other versions, and MariaDB 5.5.28a and ...)
-	- mysql-5.1 <unfixed> (bug #695001)
-	- mysql-5.5 <unfixed> (bug #695001)
+	- mysql-5.1 <unfixed> (low; bug #695001)
+	- mysql-5.5 <unfixed> (low; bug #695001)
+	NOTE: https://mariadb.atlassian.net/browse/MDEV-3910
 	NOTE: http://seclists.org/fulldisclosure/2012/Dec/7
 CVE-2012-5613 (** DISPUTED ** ...)
-	- mysql-5.1 <unfixed> (bug #695001)
-	- mysql-5.5 <unfixed> (bug #695001)
+	- mysql-5.1 <unfixed> (unimportant; bug #695001)
+	- mysql-5.5 <unfixed> (unimportant; bug #695001)
+	NOTE: Disputed as incorrect configuration
 	NOTE: http://seclists.org/fulldisclosure/2012/Dec/6
 CVE-2012-5612 (Heap-based buffer overflow in MySQL 5.5.19 and possibly other ...)
-	- mysql-5.1 <unfixed> (bug #695001)
+	- mysql-5.1 <not-affected> (MDL was introduced in 5.5)
 	- mysql-5.5 <unfixed> (bug #695001)
-	NOTE: http://seclists.org/fulldisclosure/2012/Dec/5
+	NOTE: https://mariadb.atlassian.net/browse/MDEV-3908
 CVE-2012-5611 (Stack-based buffer overflow in MySQL 5.5.19, 5.1.53, and possibly ...)
 	{DSA-2581-1}
 	- mysql-5.1 <unfixed> (bug #695001)

More information about the Secure-testing-commits mailing list