[Secure-testing-commits] r20775 - data/CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Sun Dec 30 16:05:42 UTC 2012 

Author: jmm
Date: 2012-12-30 16:05:41 +0000 (Sun, 30 Dec 2012)
New Revision: 20775

Modified:
   data/CVE/list
Log:
no-dsa: empathy, n-m, qtnx, firebird
cleanup older mozilla entries


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-12-30 16:02:54 UTC (rev 20774)
+++ data/CVE/list	2012-12-30 16:05:41 UTC (rev 20775)
@@ -1967,7 +1967,7 @@
 	NOTE: http://www.openwall.com/lists/oss-security/2012/12/30/3
 CVE-2012-6076 [inkscape reads .eps files from /tmp instead of the current directory]
 	RESERVED
-	- inkscape 0.48.3.1-1.3 (bug #654341)
+	- inkscape 0.48.3.1-1.3 (low; bug #654341)
 	NOTE: https://bugs.launchpad.net/inkscape/+bug/911146
 CVE-2012-6075 [qemu e1000 emulated device guest-side buffer overflow]
 	RESERVED
@@ -3606,7 +3606,8 @@
 CVE-2012-5530 (The (1) pcmd and (2) pmlogger init scripts in Performance Co-Pilot ...)
 	- pcp <unfixed>
 CVE-2012-5529 (TraceManager in Firebird 2.5.0 and 2.5.1, when trace is enabled, ...)
-	- firebird2.5 <unfixed> (bug #693210)
+	- firebird2.5 <unfixed> (low; bug #693210)
+	[squeeze] - firebird2.5 <no-dsa> (Minor issue)
 CVE-2012-5528
 	RESERVED
 CVE-2012-5527
@@ -20230,6 +20231,7 @@
 	NOT-FOR-US: WebSphere
 CVE-2011-4170 (Cross-site scripting (XSS) vulnerability in the ...)
 	- empathy 3.2.1.1-1
+	[squeeze] - empathy <no-dsa> (Minor issue)
 	[lenny] - empathy <not-affected> (only affects webkit theming, not present in Lenny)
 CVE-2011-4169 (Unspecified vulnerability in HP Managed Printing Administration before ...)
 	NOT-FOR-US: HP Managed Printing Administration
@@ -20530,6 +20532,7 @@
 	RESERVED
 	- wpasupplicant 0.7.3-1
 	- network-manager 0.9.4.0-1
+	[squeeze] - network-manager <no-dsa> (Minor issue)
 	NOTE: might be fixed earlier; I checked the source versions in Wheezy
 CVE-2011-4072
 	RESERVED
@@ -21800,6 +21803,8 @@
 CVE-2011-3658 (The SVG implementation in Mozilla Firefox 8.0, Thunderbird 8.0, and ...)
 	- iceweasel 9.0-1
 	- iceape 2.7.1-1
+	[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
+	[squeeze] - iceape <not-affected> (Only affects Firefox >= 4)
 CVE-2011-3657 (Multiple cross-site scripting (XSS) vulnerabilities in Bugzilla 2.x ...)
 	- bugzilla <removed> (low)
 	[squeeze] - bugzilla 3.6.2.0-4.5
@@ -23482,7 +23487,6 @@
 	NOTE: http://git.gnome.org/browse/libxml2/commit/?id=d8e1faeaa99c7a7c07af01c1c72de352eb590a3e
 CVE-2011-3101 (Google Chrome before 19.0.1084.46 on Linux does not properly mitigate ...)
 	- chromium-browser 20.0.1132.21~r139451-1
-	- icedove 10.0.5-1
 CVE-2011-3100 (Google Chrome before 19.0.1084.46 does not properly draw dash paths, ...)
 	- chromium-browser 20.0.1132.21~r139451-1
 CVE-2011-3099 (Use-after-free vulnerability in the PDF functionality in Google Chrome ...)
@@ -24058,7 +24062,8 @@
 	NOT-FOR-US: Mambo
 CVE-2011-2916
 	RESERVED
-	- qtnx <removed> (bug #637439)
+	- qtnx <removed> (low; bug #637439)
+	[squeeze] - qtnx <no-dsa> (Minor issue)
 CVE-2011-2915 (Off-by-one error in the CSoundFile::ReadAMS2 function in ...)
 	{DSA-2415-1}
 	- libmodplug 1:0.8.8.4-1

More information about the Secure-testing-commits mailing list