[Secure-testing-commits] r18565 - in data: . CVE
Moritz Muehlenhoff
jmm at alioth.debian.org
Wed Feb 29 22:05:00 UTC 2012
Author: jmm
Date: 2012-02-29 22:04:59 +0000 (Wed, 29 Feb 2012)
New Revision: 18565
Modified:
data/CVE/list
data/spu-candidates.txt
Log:
suhosin no-dsa
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-02-29 21:14:23 UTC (rev 18564)
+++ data/CVE/list 2012-02-29 22:04:59 UTC (rev 18565)
@@ -1368,7 +1368,8 @@
- as31 2.3.1-5 (bug #655496)
[squeeze] - as31 <no-dsa> (The maintainer consider it a minor issue. Check comments in the bug report)
CVE-2012-0807 (Stack-based buffer overflow in the suhosin_encrypt_single_cookie ...)
- - php-suhosin 0.9.33-1 (bug #657190)
+ - php-suhosin 0.9.33-1 (low; bug #657190)
+ [squeeze] - php-suhosin <no-dsa> (Exploitable in rare setups)
NOTE: https://github.com/stefanesser/suhosin/commit/73b1968ee30f6d9d2dae497544b910e68e114bfa
CVE-2012-0806 (Buffer overflow in Bip 0.8.8 and earlier might allow remote ...)
{DSA-2393-1}
Modified: data/spu-candidates.txt
===================================================================
--- data/spu-candidates.txt 2012-02-29 21:14:23 UTC (rev 18564)
+++ data/spu-candidates.txt 2012-02-29 22:04:59 UTC (rev 18565)
@@ -208,6 +208,11 @@
--
+php-suhosin (CVE-2012-0807)
+#657190
+
+--
+
prosody (CVE-2011-2205)
#579087
Also requires additional fix in lua-expat
More information about the Secure-testing-commits
mailing list