[Secure-testing-commits] r17991 - data/CVE
Moritz Muehlenhoff
jmm at alioth.debian.org
Mon Jan 2 10:45:23 UTC 2012
Author: jmm
Date: 2012-01-02 10:45:22 +0000 (Mon, 02 Jan 2012)
New Revision: 17991
Modified:
data/CVE/list
Log:
new vlc issue
one older php issue unimportant
plone removed
mark ruby hash collision issue as not affecting ruby1.9
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-01-02 09:14:16 UTC (rev 17990)
+++ data/CVE/list 2012-01-02 10:45:22 UTC (rev 17991)
@@ -1,3 +1,5 @@
+CVE-2011-XXXX [http://www.videolan.org/security/sa1108.html]
+ - vlc 1.1.13-1
CVE-2011-XXXX [maradns dos]
- maradns 1.4.09-1
[squeeze] - maradns <no-dsa> (Minor issue)
@@ -700,6 +702,8 @@
RESERVED
CVE-2011-4815 (Ruby (aka CRuby) before 1.8.7-p357 computes hash values without ...)
- ruby1.8 <unfixed>
+ - ruby1.9 <not-affected> (Includes randomisation of the hash function)
+ - ruby1.9.1 <not-affected> (Includes randomisation of the hash function)
CVE-2012-0185
RESERVED
CVE-2012-0184
@@ -1892,7 +1896,7 @@
CVE-2011-4463
RESERVED
CVE-2011-4462 (Plone 4.1.3 and earlier computes hash values for form parameters ...)
- - plone3 <unfixed>
+ - plone3 <removed>
CVE-2011-4461 (Jetty 8.1.0.RC2 and earlier computes hash values for form parameters ...)
- jetty <unfixed>
CVE-2011-4460
@@ -10639,8 +10643,9 @@
- php5 5.3.6-1 (unimportant)
NOTE: under normal conditions the amount of memory leaked is insignificant
CVE-2011-1467 (Unspecified vulnerability in the NumberFormatter::setSymbol (aka ...)
- - php5 5.3.6-1
+ - php5 5.3.6-1 (unimportant)
[lenny] - php5 <not-affected> (intl extension included since 5.3)
+ NOTE: Only triggerable with malicious script
CVE-2011-1466 (Integer overflow in the SdnToJulian function in the Calendar extension ...)
{DSA-2266-1}
- php5 5.3.6-1
More information about the Secure-testing-commits
mailing list