[Secure-testing-commits] r18137 - data/CVE
Michael Gilbert
gilbert-guest at alioth.debian.org
Fri Jan 13 02:10:30 UTC 2012
Author: gilbert-guest
Date: 2012-01-13 02:10:30 +0000 (Fri, 13 Jan 2012)
New Revision: 18137
Modified:
data/CVE/list
Log:
libav and openssl issues fixed
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-01-13 01:58:47 UTC (rev 18136)
+++ data/CVE/list 2012-01-13 02:10:30 UTC (rev 18137)
@@ -1858,7 +1858,7 @@
RESERVED
- linux-2.6 2.6.32-1
CVE-2012-0027 (The GOST ENGINE in OpenSSL before 1.0.0f does not properly handle ...)
- - openssl <unfixed>
+ - openssl 1.0.0f-1
[lenny] - openssl <not-affected> (no GOST support)
[squeeze] - openssl <not-affected> (no GOST support)
CVE-2012-0026
@@ -2078,7 +2078,7 @@
CVE-2011-4620 (Buffer overflow in the ulSetError function in util/ulError.cxx in PLIB ...)
- plib <unfixed> (bug #654785)
CVE-2011-4619 (The Server Gated Cryptography (SGC) implementation in OpenSSL before ...)
- - openssl <unfixed>
+ - openssl 1.0.0f-1
CVE-2011-4618
RESERVED
CVE-2011-4617 (virtualenv.py in virtualenv before 1.5 allows local users to overwrite ...)
@@ -2216,10 +2216,10 @@
{DSA-2362-1}
- acpid 1:2.0.11-1
CVE-2011-4577 (OpenSSL before 0.9.8s and 1.x before 1.0.0f, when RFC 3779 support is ...)
- - openssl <unfixed> (unimportant)
+ - openssl 1.0.0f-1 (unimportant)
NOTE: RFC 3779 support has not been enabled at compile time.
CVE-2011-4576 (The SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before ...)
- - openssl <unfixed>
+ - openssl 1.0.0f-1
CVE-2011-4575
RESERVED
CVE-2011-4574
@@ -3580,7 +3580,7 @@
CVE-2011-4109 (Double free vulnerability in OpenSSL 0.9.8 before 0.9.8s, when ...)
- openssl 1.0.0c-1
CVE-2011-4108 (The DTLS implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f ...)
- - openssl <unfixed> (low; bug #645805)
+ - openssl 1.0.0f-1 (low; bug #645805)
NOTE: http://rt.openssl.org/Ticket/Display.html?id=2625&user=guest&pass=guest
CVE-2011-4107 (The simplexml_load_string function in the XML import plug-in ...)
- phpmyadmin 4:3.4.7.1-1
@@ -4378,7 +4378,7 @@
- chromium-browser 15.0.874.121~r109964-1
- webkit <not-affected> (Chrome issue)
- ffmpeg <removed>
- - libav <unfixed> (bug #654534; bug #654573)
+ - libav 4:0.8~beta2-1 (bug #654534; bug #654573)
CVE-2011-3894 (Google Chrome before 15.0.874.120 does not properly perform VP8 ...)
- chromium-browser 15.0.874.121~r109964-1
- webkit <not-affected> (Chrome issue)
@@ -4386,7 +4386,7 @@
CVE-2011-3893 (Google Chrome before 15.0.874.120 does not properly implement the MKV ...)
- chromium-browser 15.0.874.121~r109964-1
- webkit <not-affected> (Chrome issue)
- - libav <unfixed> (bug #654534; bug #654572)
+ - libav 4:0.8~beta2-1 (bug #654534; bug #654572)
- ffmpeg <removed>
[squeeze] - chromium-browser <not-affected>
NOTE: this is due to http://llvm.org/bugs/show_bug.cgi?id=7554
@@ -4396,7 +4396,7 @@
- chromium-browser 15.0.874.121~r109964-1
- webkit <not-affected> (Chrome issue)
[squeeze] - chromium-browser <not-affected>
- - libav <unfixed> (bug #654534; bug #654571)
+ - libav 4:0.8~beta2-1 (bug #654534; bug #654571)
- ffmpeg <removed>
NOTE: http://src.chromium.org/viewvc/chrome?view=rev&revision=107489
CVE-2011-3891 (Google Chrome before 15.0.874.102 does not properly restrict access to ...)
More information about the Secure-testing-commits
mailing list