[Secure-testing-commits] r18099 - data/CVE
Florian Weimer
fw at alioth.debian.org
Mon Jan 9 19:15:08 UTC 2012
Author: fw
Date: 2012-01-09 19:15:08 +0000 (Mon, 09 Jan 2012)
New Revision: 18099
Modified:
data/CVE/list
Log:
CVE-2012-0390: gnutls28 fixed
CVE-2011-5019: textpattern
CVE-2011-4905: activemq
CVE-2011-3376: tomcat7 fixed
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-01-09 18:57:51 UTC (rev 18098)
+++ data/CVE/list 2012-01-09 19:15:08 UTC (rev 18099)
@@ -5,7 +5,8 @@
[squeeze] - znc <not-affected> (Only affects 0.200 and 0.202)
[lenny] - znc <not-affected> (Only affects 0.200 and 0.202)
CVE-2012-0390 (The DTLS implementation in GnuTLS 3.0.10 and earlier executes certain ...)
- TODO: check
+ - gnutls28 3.0.11-1
+ NOTE: gnutls26 lacks DTLS support and is not affected.
CVE-2012-0389
RESERVED
CVE-2012-0388
@@ -391,7 +392,9 @@
CVE-2011-5020
RESERVED
CVE-2011-5019 (Cross-site scripting (XSS) vulnerability in setup/index.php in ...)
- TODO: check
+ - textpattern <unfixed> (low)
+ NOTE: Vulnerability is in setup.php, which becomes inaccessible
+ NOTE: after installation.
CVE-2011-5018
RESERVED
CVE-2011-5017
@@ -642,7 +645,7 @@
CVE-2011-4906
RESERVED
CVE-2011-4905 (Apache ActiveMQ before 5.6.0 allows remote attackers to cause a denial ...)
- TODO: check
+ - activemq <unfixed>
CVE-2011-4899
RESERVED
CVE-2011-4898
@@ -5628,7 +5631,7 @@
CVE-2011-3377
RESERVED
CVE-2011-3376 (org/apache/catalina/core/DefaultInstanceManager.java in Apache Tomcat ...)
- TODO: check
+ - tomcat7 7.0.22-1
CVE-2011-3375
RESERVED
CVE-2011-3374 [apt-key insecure validation]
More information about the Secure-testing-commits
mailing list