[Secure-testing-commits] r18183 - data/CVE

[Moritz Muehlenhoff]

Author: jmm
Date: 2012-01-16 08:03:43 +0000 (Mon, 16 Jan 2012)
New Revision: 18183

Modified:
   data/CVE/list
Log:
new jenkins issue
new openttd issue
bug for libv8 issue


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-01-16 07:37:16 UTC (rev 18182)
+++ data/CVE/list	2012-01-16 08:03:43 UTC (rev 18183)
@@ -1,3 +1,7 @@
+CVE-2012-XXXX [Jenkins and hash collision attack]
+	- jenkins-winstone 0.9.10-jenkins-31+dfsg-1 (bug #655553)
+	- jenkins-executable-war 1.25-1 (bug #655554)
+	- jenkins 1.409.3+dfsg-2
 CVE-2011-XXXX [apr dos]
 	- apr <unfixed> (low; bug #655435)
 CVE-2011-XXXX [wicd cleartext passwords]
@@ -2238,6 +2242,9 @@
 	RESERVED
 CVE-2012-0049
 	RESERVED
+	- openttd <unfixed> (low)
+	[squeeze] - openttd <no-dsa> (Minor issue)
+	NOTE: http://vcs.openttd.org/svn/changeset/23764
 CVE-2012-0048
 	RESERVED
 CVE-2012-0047
@@ -7911,7 +7918,7 @@
 	- chromium-browser <undetermined>
 	- webkit <undetermined>
 CVE-2011-2830 (Google V8, as used in Google Chrome before 14.0.835.163, does not ...)
-	- libv8 <undetermined>
+	- libv8 <unfixed> (bug #656057)
 CVE-2011-2829 (Integer overflow in Google Chrome before 13.0.782.215 on 32-bit ...)
 	- chromium-browser 13.0.782.215~r97094-1
 	- webkit <undetermined>