[Secure-testing-commits] r18185 - in data: . CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Mon Jan 16 17:12:45 UTC 2012 

Author: jmm
Date: 2012-01-16 17:12:45 +0000 (Mon, 16 Jan 2012)
New Revision: 18185

Modified:
   data/CVE/list
   data/spu-candidates.txt
Log:
apt no-dsa
ECC issue was fixed in openssl DSA, remove no-dsa
new chrome issue
filed bug for eglibc tzfile int overflow


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-01-16 15:55:55 UTC (rev 18184)
+++ data/CVE/list	2012-01-16 17:12:45 UTC (rev 18185)
@@ -11,7 +11,8 @@
 CVE-2012-0696 (Multiple cross-site scripting (XSS) vulnerabilities in the Executive ...)
 	NOT-FOR-US: IBM Cognos
 CVE-2012-0695 (Multiple unspecified vulnerabilities in Google Chrome before ...)
-	TODO: check
+	- chromium-browser <unfixed>
+	- webkit <undetermined>
 CVE-2012-0694
 	RESERVED
 CVE-2012-0693
@@ -3245,7 +3246,6 @@
 	RESERVED
 	{DSA-2390-1}
 	- openssl 0.9.8o-4squeeze3 (bug #650621)
-	[lenny] - openssl <no-dsa> (Minor issue)
 CVE-2011-4353 [VP5/VP6 DoS]
 	RESERVED
 	{DSA-2378-1}
@@ -5538,7 +5538,8 @@
 	[lenny] - empathy <not-affected> (only affects webkit theming, not present in Lenny)
 CVE-2011-3634
 	RESERVED
-	- apt 0.8.11
+	- apt 0.8.11 (low)
+	[squeeze] - apt <no-dsa> (Minor issue, apt is only affected if apt-transport-https is installed)
 	NOTE: http://bazaar.launchpad.net/~donkult/apt/sid/revision/2053.1.28 
 	NOTE: https://bugs.launchpad.net/ubuntu/+source/apt/+bug/868353
 CVE-2011-3633
@@ -16539,7 +16540,7 @@
 	RESERVED
 CVE-2009-5029 [glibc heap overflow]
 	RESERVED
-	- eglibc <undetermined>
+	- eglibc <unfixed> (bug #656108)
 	- glibc <removed>
 	NOTE: http://support.novell.com/security/cve/CVE-2009-5029.html
 	NOTE: https://bugzilla.novell.com/show_bug.cgi?id=735850

Modified: data/spu-candidates.txt
===================================================================
--- data/spu-candidates.txt	2012-01-16 15:55:55 UTC (rev 18184)
+++ data/spu-candidates.txt	2012-01-16 17:12:45 UTC (rev 18185)
@@ -11,6 +11,13 @@
 
 alpine (CVE-2008-5514)
 
+--
+
+apt (CVE-2011-3634)
+http://bazaar.launchpad.net/~donkult/apt/sid/revision/2053.1.28 
+https://bugs.launchpad.net/ubuntu/+source/apt/+bug/868353
+
+
 -
 
 ax25-tools (CVE-2011-2910)

More information about the Secure-testing-commits mailing list