[Secure-testing-commits] r18032 - data/CVE

Joey Hess joeyh at alioth.debian.org
Wed Jan 4 21:14:31 UTC 2012 

Author: joeyh
Date: 2012-01-04 21:14:30 +0000 (Wed, 04 Jan 2012)
New Revision: 18032

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-01-04 21:13:54 UTC (rev 18031)
+++ data/CVE/list	2012-01-04 21:14:30 UTC (rev 18032)
@@ -1,6 +1,13 @@
+CVE-2012-0288
+	RESERVED
+CVE-2011-5048 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Web ...)
+	TODO: check
+CVE-2011-5047 (Cross-site scripting (XSS) vulnerability in status_rrd_graph.php in ...)
+	TODO: check
 CVE-2012-XXXX [inkscape files unexpectedly read from /tmp]
 	- inkscape <unfixed> (low; bug #654341)
 CVE-2012-0287
+	RESERVED
 	- wordpress 3.3.1+dfsg-1
 CVE-2012-0286
 	RESERVED
@@ -1339,7 +1346,7 @@
 	[lenny] - openssl <not-affected> (no GOST support)
 	[squeeze] - openssl <not-affected> (no GOST support)
 CVE-2012-0026
-	RESERVED
+	REJECTED
 CVE-2012-0025
 	RESERVED
 CVE-2012-0024 [maradns dos]
@@ -2833,8 +2840,8 @@
 	RESERVED
 CVE-2011-4198
 	RESERVED
-CVE-2011-4197
-	RESERVED
+CVE-2011-4197 (etc/inc/certs.inc in the PKI implementation in pfSense before 2.0.1 ...)
+	TODO: check
 CVE-2011-XXXX [backuppc xss issue]
 	- backuppc 3.2.1-2 (bug #646865)
 CVE-2011-XXXX [spip privilege escalation]
@@ -5458,8 +5465,8 @@
 	TODO: check
 CVE-2011-3338
 	RESERVED
-CVE-2011-3337
-	RESERVED
+CVE-2011-3337 (eEye Audit ID 2499 in eEye Digital Security Audits 2406 through 2423 ...)
+	TODO: check
 CVE-2011-3336
 	RESERVED
 CVE-2011-3335
@@ -6512,6 +6519,7 @@
 CVE-2011-2965
 	RESERVED
 CVE-2011-2964 (foomaticrip.c in foomatic-rip in foomatic-filters in Foomatic 4.0.6 ...)
+	{DSA-2380-1}
 	- foomatic-filters 4.0.9-1
 	NOTE: There two implementation of the affected filter: the version from foomatic-filters
 	NOTE: 4.0 is written in C and has been assigned CVE-2011-2964 and the version in
@@ -7360,6 +7368,7 @@
 	- wireshark 1.6.1-1 (unimportant)
 	NOTE: no code injection, not treated as a security issue, see README.Debian.security
 CVE-2011-2697 (foomatic-rip-hplip in HP Linux Imaging and Printing (HPLIP) 3.11.5 ...)
+	{DSA-2380-1}
 	- hplip 3.10.6-2 (bug #635549; medium)
 	NOTE: hplip might have been fixed earlier than stable, current versions use foomatic-rip
 	NOTE: from foomatic-filters: /usr/lib/cups/filter/foomatic-rip
@@ -10514,9 +10523,11 @@
 	[squeeze] - krb5 <not-affected> (Only affecs 1.9 and higher)
 	[lenny] - krb5 <not-affected> (Only affecs 1.9 and higher)
 CVE-2011-1529 (The lookup_lockout_policy function in the Key Distribution Center ...)
+	{DSA-2379-1}
 	- krb5 1.10+dfsg~alpha1-1 (low; bug #646367)
 	[lenny] - krb5 <not-affected> (Introduced in 1.8)
 CVE-2011-1528 (The krb5_ldap_lockout_audit function in the Key Distribution Center ...)
+	{DSA-2379-1}
 	- krb5 1.10+dfsg~alpha1-1 (low; bug #646367)
 	[lenny] - krb5 <not-affected> (Introduced in 1.8)
 CVE-2011-1527 (The kdb_ldap plugin in the Key Distribution Center (KDC) in MIT ...)
@@ -11051,12 +11062,12 @@
 	TODO: check
 CVE-2011-1387
 	RESERVED
-CVE-2011-1386
-	RESERVED
+CVE-2011-1386 (IBM Tivoli Federated Identity Manager (TFIM) and Tivoli Federated ...)
+	TODO: check
 CVE-2011-1385
 	RESERVED
-CVE-2011-1384
-	RESERVED
+CVE-2011-1384 (The (1) bin/invscoutClient_VPD_Survey and (2) sbin/invscout_lsvpd ...)
+	TODO: check
 CVE-2011-1383
 	RESERVED
 CVE-2011-1382

More information about the Secure-testing-commits mailing list