[Secure-testing-commits] r18411 - data/CVE

Joey Hess joeyh at alioth.debian.org
Thu Feb 9 21:14:21 UTC 2012 

Author: joeyh
Date: 2012-02-09 21:14:20 +0000 (Thu, 09 Feb 2012)
New Revision: 18411

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-02-09 20:05:33 UTC (rev 18410)
+++ data/CVE/list	2012-02-09 21:14:20 UTC (rev 18411)
@@ -1,7 +1,17 @@
+CVE-2012-1038
+	RESERVED
+CVE-2012-1037
+	RESERVED
+CVE-2012-1036
+	RESERVED
+CVE-2012-1035 (AdaCore Ada Web Services (AWS) before 2.10.2 computes hash values for ...)
+	TODO: check
+CVE-2011-5078 (The web administration interface in the server in Sybase M-Business ...)
+	TODO: check
 CVE-2012-1034 (Multiple cross-site scripting (XSS) vulnerabilities in the admin ...)
 	NOT-FOR-US: EPiServer CMS
-CVE-2012-1033
-	RESERVED
+CVE-2012-1033 (The resolver in ISC BIND 9 through 9.8.1-P1 does not properly ...)
+	TODO: check
 CVE-2012-1032
 	RESERVED
 CVE-2012-1031 (Unspecified vulnerability in EPiServer CMS 5 and 6 through 6R2, in ...)
@@ -218,20 +228,20 @@
 	NOT-FOR-US: Schneider Electric Modicon Quantum PLC
 CVE-2012-0929 (Multiple buffer overflows in Schneider Electric Modicon Quantum PLC ...)
 	NOT-FOR-US: Schneider Electric Modicon Quantum PLC
-CVE-2012-0928
-	RESERVED
-CVE-2012-0927
-	RESERVED
-CVE-2012-0926
-	RESERVED
-CVE-2012-0925
-	RESERVED
-CVE-2012-0924
-	RESERVED
-CVE-2012-0923
-	RESERVED
-CVE-2012-0922
-	RESERVED
+CVE-2012-0928 (The ATRAC codec in RealNetworks RealPlayer 11.x and 14.x through ...)
+	TODO: check
+CVE-2012-0927 (Unspecified vulnerability in RealNetworks RealPlayer 11.x, 14.x, and ...)
+	TODO: check
+CVE-2012-0926 (The RV10 codec in RealNetworks RealPlayer 11.x, 14.x, and 15.x before ...)
+	TODO: check
+CVE-2012-0925 (Unspecified vulnerability in the RV40 codec in RealNetworks RealPlayer ...)
+	TODO: check
+CVE-2012-0924 (RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and ...)
+	TODO: check
+CVE-2012-0923 (The RV20 codec in RealNetworks RealPlayer 11.x, 14.x, and 15.x before ...)
+	TODO: check
+CVE-2012-0922 (rvrender.dll in RealNetworks RealPlayer 11.x, 14.x, and 15.x before ...)
+	TODO: check
 CVE-2011-5075 (translate.php in Support Incident Tracker (aka SiT!) 3.45 through 3.65 ...)
 	NOT-FOR-US: Support Incident Tracker
 CVE-2011-5074 (Multiple cross-site request forgery (CSRF) vulnerabilities in Support ...)
@@ -415,8 +425,7 @@
 	RESERVED
 CVE-2012-0840
 	RESERVED
-CVE-2012-0839
-	RESERVED
+CVE-2012-0839 (OCaml 3.12.1 and earlier computes hash values without restricting the ...)
 	- ocaml <unfixed> (low)
 CVE-2012-0838
 	RESERVED
@@ -520,6 +529,7 @@
 	RESERVED
 CVE-2012-0804
 	RESERVED
+	{DSA-2407-1}
 	- cvs 2:1.12.13+real-7
 CVE-2012-0803
 	RESERVED
@@ -1292,7 +1302,7 @@
 	[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
 	- iceape <not-affected> (Only affects Firefox >= 4)
 CVE-2012-0449 (Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before ...)
-	{DSA-2402-1 DSA-2400-1}
+	{DSA-2406-1 DSA-2402-1 DSA-2400-1}
 	- icedove <unfixed>
 	[lenny] - icedove <end-of-life>
 	- xulrunner <removed>
@@ -1324,7 +1334,7 @@
 	[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
 	- iceape <not-affected> (Only affects Firefox >= 4)
 CVE-2012-0444 (Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before ...)
-	{DSA-2402-1 DSA-2400-1}
+	{DSA-2406-1 DSA-2402-1 DSA-2400-1}
 	- libvorbis <unfixed>
 	- icedove <unfixed>
 	[lenny] - icedove <not-affected> (Vulnerable code not present)
@@ -1340,7 +1350,7 @@
 	[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
 	- iceape <not-affected> (Only affects Firefox >= 4)
 CVE-2012-0442 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
-	{DSA-2402-1 DSA-2400-1}
+	{DSA-2406-1 DSA-2402-1 DSA-2400-1}
 	- icedove <unfixed>
 	[lenny] - icedove <end-of-life>
 	- xulrunner <removed>
@@ -5554,46 +5564,46 @@
 	- libav 4:0.7.1-7 (bug #641478)
 	- ffmpeg <removed>
 	- ffmpeg-debian <end-of-life>
-CVE-2011-3972
-	RESERVED
-CVE-2011-3971
-	RESERVED
-CVE-2011-3970
-	RESERVED
-CVE-2011-3969
-	RESERVED
-CVE-2011-3968
-	RESERVED
-CVE-2011-3967
-	RESERVED
-CVE-2011-3966
-	RESERVED
-CVE-2011-3965
-	RESERVED
-CVE-2011-3964
-	RESERVED
-CVE-2011-3963
-	RESERVED
-CVE-2011-3962
-	RESERVED
-CVE-2011-3961
-	RESERVED
-CVE-2011-3960
-	RESERVED
-CVE-2011-3959
-	RESERVED
-CVE-2011-3958
-	RESERVED
-CVE-2011-3957
-	RESERVED
-CVE-2011-3956
-	RESERVED
-CVE-2011-3955
-	RESERVED
-CVE-2011-3954
-	RESERVED
-CVE-2011-3953
-	RESERVED
+CVE-2011-3972 (The shader translator implementation in Google Chrome before ...)
+	TODO: check
+CVE-2011-3971 (Use-after-free vulnerability in Google Chrome before 17.0.963.46 ...)
+	TODO: check
+CVE-2011-3970 (libxslt, as used in Google Chrome before 17.0.963.46, allows remote ...)
+	TODO: check
+CVE-2011-3969 (Use-after-free vulnerability in Google Chrome before 17.0.963.46 ...)
+	TODO: check
+CVE-2011-3968 (Use-after-free vulnerability in Google Chrome before 17.0.963.46 ...)
+	TODO: check
+CVE-2011-3967 (Unspecified vulnerability in Google Chrome before 17.0.963.46 allows ...)
+	TODO: check
+CVE-2011-3966 (Use-after-free vulnerability in Google Chrome before 17.0.963.46 ...)
+	TODO: check
+CVE-2011-3965 (Google Chrome before 17.0.963.46 does not properly check signatures, ...)
+	TODO: check
+CVE-2011-3964 (Google Chrome before 17.0.963.46 does not properly implement the ...)
+	TODO: check
+CVE-2011-3963 (Google Chrome before 17.0.963.46 does not properly handle PDF FAX ...)
+	TODO: check
+CVE-2011-3962 (Google Chrome before 17.0.963.46 does not properly perform path ...)
+	TODO: check
+CVE-2011-3961 (Race condition in Google Chrome before 17.0.963.46 allows remote ...)
+	TODO: check
+CVE-2011-3960 (Google Chrome before 17.0.963.46 does not properly decode audio data, ...)
+	TODO: check
+CVE-2011-3959 (Buffer overflow in the locale implementation in Google Chrome before ...)
+	TODO: check
+CVE-2011-3958 (Google Chrome before 17.0.963.46 does not properly perform casts of ...)
+	TODO: check
+CVE-2011-3957 (Use-after-free vulnerability in the garbage-collection functionality ...)
+	TODO: check
+CVE-2011-3956 (The extension implementation in Google Chrome before 17.0.963.46 does ...)
+	TODO: check
+CVE-2011-3955 (Google Chrome before 17.0.963.46 allows remote attackers to cause a ...)
+	TODO: check
+CVE-2011-3954 (Google Chrome before 17.0.963.46 allows remote attackers to cause a ...)
+	TODO: check
+CVE-2011-3953 (Google Chrome before 17.0.963.46 does not prevent monitoring of the ...)
+	TODO: check
 CVE-2011-3952
 	RESERVED
 CVE-2011-3951
@@ -6304,7 +6314,7 @@
 CVE-2011-3671
 	RESERVED
 CVE-2011-3670 (Mozilla Firefox before 3.6.26 and 4.x through 6.0, Thunderbird before ...)
-	{DSA-2402-1 DSA-2400-1}
+	{DSA-2406-1 DSA-2402-1 DSA-2400-1}
 	- icedove 7.0-1
 	[lenny] - icedove <end-of-life>
 	- xulrunner <removed>

More information about the Secure-testing-commits mailing list