[Secure-testing-commits] r18219 - in data: . CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Thu Jan 19 19:24:38 UTC 2012 

Author: jmm
Date: 2012-01-19 19:24:38 +0000 (Thu, 19 Jan 2012)
New Revision: 18219

Modified:
   data/CVE/list
   data/spu-candidates.txt
Log:
tucan no-dsa
pid/mem issue not in lenny/squeeze
fix srcpkg name for network-manager-gnome
zope fixed


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-01-19 19:12:13 UTC (rev 18218)
+++ data/CVE/list	2012-01-19 19:24:38 UTC (rev 18219)
@@ -1332,7 +1332,8 @@
 	NOT-FOR-US: ImpressPages CMS not in Debian
 CVE-2011-4931
 	RESERVED
-	- gpw <unfixed> (bug #651510)
+	- gpw <unfixed> (unimportant; bug #651510)
+	NOTE: This has only marginal security impact
 CVE-2011-4930
 	RESERVED
 CVE-2011-4929
@@ -1355,6 +1356,7 @@
 CVE-2011-4925 (Terascale Open-Source Resource and Queue Manager (aka TORQUE Resource ...)
 	- torque <not-affected> (The version in Debian doesn't yet have MUNGE support)
 CVE-2011-4924
+	- zope2.12 2.12.22-1
 	- zope3 <removed> (low)
 	- zope2.10 <removed> (low)
 	[lenny] - zope2.10 <no-dsa> (Minor issue)
@@ -2350,6 +2352,7 @@
 CVE-2012-0063
 	RESERVED
 	- tucan <unfixed> (bug #656388)
+	[squeeze] - tucan <no-dsa> (Minor issue)
 CVE-2012-0062
 	RESERVED
 CVE-2012-0061
@@ -2371,6 +2374,8 @@
 CVE-2012-0056
 	RESERVED
 	- linux-2.6 <unfixed>
+	[squeeze] - linux-2.6 <not-affected> (introduced in 2.6.39)
+	[lenny] - linux-2.6 <not-affected> (introduced in 2.6.39)
 	NOTE: fix is http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=e268337dfe26dfc7efd422a804dbb27977a3cccc (queued for 3.3)
 CVE-2012-0055
 	RESERVED
@@ -6497,7 +6502,7 @@
 	NOTE: http://www.kde.org/info/security/advisory-20111003-1.txt
 	TODO: File bugs
 CVE-2011-3364 (Incomplete blacklist vulnerability in the svEscape function in ...)
-	- network-manager-gnome <not-affected> (ifcfg-rh plugin not built/included in Debian)
+	- network-manager-applet <not-affected> (ifcfg-rh plugin not built/included in Debian)
 CVE-2011-3363
 	RESERVED
 	- linux-2.6 2.6.39-1

Modified: data/spu-candidates.txt
===================================================================
--- data/spu-candidates.txt	2012-01-19 19:12:13 UTC (rev 18218)
+++ data/spu-candidates.txt	2012-01-19 19:24:38 UTC (rev 18219)
@@ -243,6 +243,11 @@
 
 --
 
+tucan (CVE-2012-0063)
+#656388
+
+--
+
 unixodbc (CVE-2011-1145)
 #617655

More information about the Secure-testing-commits mailing list