[Secure-testing-commits] r20718 - in data: CVE DSA

Moritz Muehlenhoff jmm at alioth.debian.org
Thu Dec 27 23:08:37 UTC 2012 

Author: jmm
Date: 2012-12-27 23:08:36 +0000 (Thu, 27 Dec 2012)
New Revision: 20718

Modified:
   data/CVE/list
   data/DSA/list
Log:
eglibc, trousers no-dsa
additional ID fixed in mahara DSA


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-12-27 21:14:41 UTC (rev 20717)
+++ data/CVE/list	2012-12-27 23:08:36 UTC (rev 20718)
@@ -6605,6 +6605,8 @@
 CVE-2012-4424 [alloca buffer overflow via strcoll]
 	RESERVED
 	- eglibc <unfixed> (low; bug #689423)
+	[wheezy] - eglibc <no-dsa> (Minor issue)
+	[squeeze] - eglibc <no-dsa> (Minor issue)
 CVE-2012-4423 (The virNetServerProgramDispatchCall function in libvirt before 0.10.2 ...)
 	- libvirt 0.9.12-5 (bug #687598)
 	[squeeze] - libvirt <not-affected> (Vulnerable code not present)
@@ -6646,7 +6648,9 @@
 	NOTE: http://www.openwall.com/lists/oss-security/2012/09/12/7
 CVE-2012-4412 [strcoll int->buffer overflow]
 	RESERVED
-	- eglibc <unfixed> (bug #687530)
+	- eglibc <unfixed> (low; bug #687530)
+	[wheezy] - eglibc <no-dsa> (Minor issue)
+	[squeeze] - eglibc <no-dsa> (Minor issue)
 CVE-2012-4411 (The graphical console in Xen 4.0, 4.1 and 4.2 allows local OS guest ...)
 	{DSA-2543-1}
 	- xen 4.1.3-2
@@ -15826,7 +15830,8 @@
 	RESERVED
 CVE-2012-0698 (tcsd in TrouSerS before 0.3.10 allows remote attackers to cause a ...)
 	{DSA-2576-1}
-	- trousers 0.3.9-1 (bug #692649)
+	- trousers 0.3.9-1 (low; bug #692649)
+	[squeeze] - trousers <no-dsa> (Minor issue)
 CVE-2011-5066 (The SibRaRecoverableSiXaResource class in the Default Messaging ...)
 	NOT-FOR-US: WebSphere
 CVE-2011-5065 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Application ...)

Modified: data/DSA/list
===================================================================
--- data/DSA/list	2012-12-27 21:14:41 UTC (rev 20717)
+++ data/DSA/list	2012-12-27 23:08:36 UTC (rev 20718)
@@ -1,5 +1,5 @@
 [27 Dec 2012] DSA-2591-1 mahara - several
-	{CVE-2012-2239 CVE-2012-2243 CVE-2012-2244 CVE-2012-2246 CVE-2012-2247 CVE-2012-2253}
+	{CVE-2012-2239 CVE-2012-2243 CVE-2012-2244 CVE-2012-2246 CVE-2012-2247 CVE-2012-2253 CVE-2012-6037}
 	[squeeze] - mahara 1.2.6-2+squeeze6
 [26 Dec 2012] DSA-2590-1 wireshark - several
 	{CVE-2012-4048 CVE-2012-4296}

More information about the Secure-testing-commits mailing list