[Secure-testing-commits] r18524 - in data: . CVE

Nico Golde nion at alioth.debian.org
Thu Feb 23 16:55:10 UTC 2012 

Author: nion
Date: 2012-02-23 16:55:10 +0000 (Thu, 23 Feb 2012)
New Revision: 18524

Modified:
   data/CVE/list
   data/spu-candidates.txt
Log:
- NFUs
- new backuppc issue (CVE-2011-5081) - no-dsa


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-02-23 09:58:47 UTC (rev 18523)
+++ data/CVE/list	2012-02-23 16:55:10 UTC (rev 18524)
@@ -1,7 +1,7 @@
 CVE-2012-1257
 	RESERVED
 CVE-2012-1256 (The single sign-on (SSO) implementation in EasyVista before ...)
-	TODO: check
+	NOT-FOR-US: EasyVista
 CVE-2012-1255
 	RESERVED
 CVE-2012-1254
@@ -115,9 +115,9 @@
 CVE-2012-1200 (Multiple PHP remote file inclusion vulnerabilities in Nova CMS allow ...)
 	NOT-FOR-US: Nova CMS
 CVE-2012-1199 (Multiple PHP remote file inclusion vulnerabilities in Basic Analysis ...)
-	TODO: check
+	NOT-FOR-US: Basic Analysis
 CVE-2012-1198 (base_ag_main.php in Basic Analysis and Security Engine (BASE) 1.4.5 ...)
-	TODO: check
+	NOT-FOR-US: Basic Analysis and Security Engine
 CVE-2012-1197 (Integer overflow in the IDE_ACDStd.apl module for ACDSee 14.1 Build ...)
 	NOT-FOR-US: ACDSee
 CVE-2012-1196 (Directory traversal vulnerability in the VulCore web service ...)
@@ -133,7 +133,9 @@
 CVE-2012-1191 (The resolver in dnscache in Daniel J. Bernstein djbdns 1.05 overwrites ...)
 	NOTE: DNS protocol flaw
 CVE-2011-5081 (Cross-site scripting (XSS) vulnerability in RestoreFile.pm in BackupPC ...)
-	TODO: check
+	- backuppc <unfixed> (low; bug #661011)
+	[squeeze] - backuppc <no-dsa> (Minor issue)
+	[lenny] - backuppc <no-dsa> (Minor issue)
 CVE-2012-0869 [F*X XSS issues via various HTTP parameters in fup]
 	RESERVED
 	{DSA-2414-1}
@@ -2143,7 +2145,7 @@
 CVE-2012-0316
 	RESERVED
 CVE-2012-0315 (Untrusted search path vulnerability in ALFTP before 5.31 allows local ...)
-	TODO: check
+	NOT-FOR-US: ALFTP
 CVE-2012-0314 (Multiple cross-site request forgery (CSRF) vulnerabilities on the ...)
 	NOT-FOR-US: eAccess Pocket WiFi 
 CVE-2012-0313 (Cross-site scripting (XSS) vulnerability in glucose 2 before stage 6.2 ...)
@@ -2191,7 +2193,7 @@
 CVE-2012-0292
 	RESERVED
 CVE-2012-0291 (Symantec pcAnywhere through 12.5.3, Altiris IT Management Suite ...)
-	TODO: check
+	NOT-FOR-US: pcAnywhere
 CVE-2012-0290 (Symantec pcAnywhere through 12.5.3, Altiris IT Management Suite ...)
 	NOT-FOR-US: Symantec pcAnywhere
 CVE-2012-0289
@@ -2785,7 +2787,7 @@
 CVE-2012-0224 (Untrusted search path vulnerability in 7-Technologies (7T) AQUIS 1.5 ...)
 	NOT-FOR-US: 7-Technologies (7T) AQUIS
 CVE-2012-0223 (Untrusted search path vulnerability in 7-Technologies (7T) TERMIS 2.10 ...)
-	TODO: check
+	NOT-FOR-US: TERMIS
 CVE-2012-0222
 	RESERVED
 CVE-2012-0221

Modified: data/spu-candidates.txt
===================================================================
--- data/spu-candidates.txt	2012-02-23 09:58:47 UTC (rev 18523)
+++ data/spu-candidates.txt	2012-02-23 16:55:10 UTC (rev 18524)
@@ -315,4 +315,8 @@
 
 systemtap (CVE-2012-0875)
 
+--
 
+backuppc (CVE-2011-5081)
+
+

More information about the Secure-testing-commits mailing list