[Secure-testing-commits] r18271 - data/CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Tue Jan 24 15:58:40 UTC 2012 

Author: jmm
Date: 2012-01-24 15:58:40 +0000 (Tue, 24 Jan 2012)
New Revision: 18271

Modified:
   data/CVE/list
Log:
bind fixed
rewrite two older 9.8-only issues


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-01-24 15:21:28 UTC (rev 18270)
+++ data/CVE/list	2012-01-24 15:58:40 UTC (rev 18271)
@@ -3892,8 +3892,7 @@
 	RESERVED
 CVE-2011-4313 (query.c in ISC BIND 9.0.x through 9.6.x, 9.4-ESV through 9.4-ESV-R5, ...)
 	{DSA-2347-1}
-	- bind9 <unfixed> (high; bug #649099)
-	NOTE: http://www.isc.org/software/bind/advisories/cve-2011-4313
+	- bind9 1:9.8.1.dfsg.P1-1 (high; bug #649099)
 CVE-2011-4312 (Multiple cross-site scripting (XSS) vulnerabilities in the commenting ...)
 	NOT-FOR-US: Review Board
 CVE-2011-4311 (ResourceSpace before 4.2.2833 does not properly validate access keys, ...)
@@ -9499,7 +9498,9 @@
 CVE-2011-2466
 	RESERVED
 CVE-2011-2465 (Unspecified vulnerability in ISC BIND 9 9.8.0, 9.8.0-P1, 9.8.0-P2, and ...)
-	- bind9 <not-affected> (Only affects 9.8, which hasn't been uploaded yet)
+	- bind9 1:9.8.1.dfsg.P1-1
+	[squeeze] - bind9 <not-affected> (Only affects 9.8)
+	[lenny] - bind9 <not-affected> (Only affects 9.8)
 CVE-2011-2464 (Unspecified vulnerability in ISC BIND 9 9.6.x before 9.6-ESV-R4-P3, ...)
 	{DSA-2272-1}
 	- bind9 1:9.8.1.dfsg-1 (high)
@@ -11046,8 +11047,9 @@
 	[squeeze] - fglrx-driver <no-dsa> (Non-free not supported)
 	[lenny] - fglrx-driver <no-dsa> (Non-free not supported)
 CVE-2011-1907 (ISC BIND 9.8.x before 9.8.0-P1, when Response Policy Zones (RPZ) RRset ...)
-	- bind9 <not-affected> (Only affects 9.8.0, never uploaded to the archive)
-	NOTE: https://www.isc.org/CVE-2011-1907
+	- bind9 1:9.8.1.dfsg.P1-1
+	[squeeze] - bind9 <not-affected> (Only affects 9.8.0)
+	[lenny] - bind9 <not-affected> (Only affects 9.8.0)
 CVE-2011-1765 (Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.5, ...)
 	- mediawiki <not-affected> (Incomplete fix was never released for Debian, neither in sid, nor oldstable/stable)
 	NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=28534

More information about the Secure-testing-commits mailing list