[Secure-testing-commits] r20670 - data/CVE

[Moritz Muehlenhoff]

Author: jmm
Date: 2012-12-17 15:39:32 +0000 (Mon, 17 Dec 2012)
New Revision: 20670

Modified:
   data/CVE/list
Log:
freeradius fixed
foswiki ITP bugs
weechat tpu


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-12-16 21:14:28 UTC (rev 20669)
+++ data/CVE/list	2012-12-17 15:39:32 UTC (rev 20670)
@@ -9,8 +9,10 @@
 	RESERVED
 CVE-2012-6330
 	RESERVED
+	- foswiki <itp> (bug #509864)
 CVE-2012-6329
 	RESERVED
+	- foswiki <itp> (bug #509864)
 CVE-2012-6328
 	RESERVED
 CVE-2012-6327
@@ -1962,6 +1964,7 @@
 	RESERVED
 CVE-2012-5854 (Heap-based buffer overflow in WeeChat 0.3.6 through 0.3.9 allows ...)
 	- weechat 0.3.9.1-1 (bug #693026)
+	[wheezy] - weechat 0.3.8-1+deb7u1
 	[squeeze] - weechat <not-affected> (Vulnerable code not present)
 CVE-2012-5848
 	RESERVED
@@ -2791,7 +2794,8 @@
 	RESERVED
 	- gnome-system-log <not-affected> (Fedora-specific issue)
 CVE-2012-5534 (The hook_process function in the plugin API for WeeChat 0.3.0 through ...)
-	- weechat <unfixed>
+	- weechat 0.3.9.2-1
+	[wheezy] - weechat 0.3.8-1+deb7u1
 CVE-2012-5533 (The http_request_split_value function in request.c in lighttpd 1.4.32 ...)
 	- lighttpd 1.4.31-2
 	[squeeze] - lighttpd <not-affected> (Introduced in 1.4.31)
@@ -14305,7 +14309,7 @@
 CVE-2012-1005 (Multiple cross-site scripting (XSS) vulnerabilities in Sphinx Software ...)
 	NOT-FOR-US: Sphinx Software Mobile Web Server
 CVE-2012-1004 (Multiple cross-site scripting (XSS) vulnerabilities in UI/Register.pm ...)
-	NOT-FOR-US: Foswiki
+	- foswiki <itp> (bug #509864)
 CVE-2012-1003 (Multiple integer overflows in Opera 11.60 and earlier allow remote ...)
 	NOT-FOR-US: Opera
 CVE-2002-2483
@@ -16475,7 +16479,7 @@
 	NOT-FOR-US: OpenPegasus
 CVE-2011-4966
 	RESERVED
-	- freeradius <unfixed> (low; bug #694407)
+	- freeradius 2.1.12+dfsg-1.2 (low; bug #694407)
 CVE-2011-4965
 	RESERVED
 CVE-2011-4964