[Secure-testing-commits] r18291 - data/CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Wed Jan 25 15:54:57 UTC 2012 

Author: jmm
Date: 2012-01-25 15:54:57 +0000 (Wed, 25 Jan 2012)
New Revision: 18291

Modified:
   data/CVE/list
Log:
new wordpress issues
suhosin fixed
NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-01-25 09:14:28 UTC (rev 18290)
+++ data/CVE/list	2012-01-25 15:54:57 UTC (rev 18291)
@@ -7,15 +7,15 @@
 CVE-2012-0907 (Directory traversal vulnerability in the web player in NeoAxis NeoAxis ...)
 	TODO: check
 CVE-2012-0906 (SQL injection vulnerability in the Moviebase addon for deV!L'z ...)
-	TODO: check
+	NOT-FOR-US: deV!L'z Clanportal
 CVE-2012-0905 (SQL injection vulnerability in deV!L'z Clanportal (DZCP) Gamebase ...)
-	TODO: check
+	NOT-FOR-US: deV!L'z Clanportal
 CVE-2012-0904 (VLC media player 1.1.11 allows remote attackers to cause a denial of ...)
 	TODO: check
 CVE-2012-0903 (Multiple cross-site scripting (XSS) vulnerabilities in Zimbra Desktop ...)
-	TODO: check
+	NOT-FOR-US: Zimbra Desktop
 CVE-2012-0902 (AirTies Air 4450 1.1.2.18 allows remote attackers to cause a denial of ...)
-	TODO: check
+	NOT-FOR-US: AirTies Air
 CVE-2012-0901 (Cross-site scripting (XSS) vulnerability in yousaytoo.php in YouSayToo ...)
 	TODO: check
 CVE-2012-0900 (Multiple cross-site scripting (XSS) vulnerabilities in Beehive Forum ...)
@@ -210,7 +210,7 @@
 	[squeeze] - as31 <no-dsa> (The maintainer consider it a minor issue. Check comments in the bug report)
 CVE-2012-0807 [Suhosin extension "transparent cookie encryption buffer overflow"]
 	RESERVED
-	- php-suhosin <unfixed> (bug #657190)
+	- php-suhosin 0.9.33-1 (bug #657190)
 	NOTE: https://github.com/stefanesser/suhosin/commit/73b1968ee30f6d9d2dae497544b910e68e114bfa
 CVE-2012-0806 [bip: buffer overflow]
 	RESERVED
@@ -275,6 +275,8 @@
 	RESERVED
 CVE-2012-0782
 	RESERVED
+	- wordpress <unfixed>
+	NOTE: https://www.trustwave.com/spiderlabs/advisories/TWSL2012-002.txt
 CVE-2012-0781 (The tidy_diagnose function in PHP 5.3.8 might allow remote attackers ...)
 	TODO: check
 CVE-2012-0780
@@ -1766,8 +1768,12 @@
 	- activemq 5.5.0+dfsg-5 (bug #655495)
 CVE-2011-4899
 	RESERVED
+	- wordpress <unfixed>
+	NOTE: https://www.trustwave.com/spiderlabs/advisories/TWSL2012-002.txt
 CVE-2011-4898
 	RESERVED
+	- wordpress <unfixed>
+	NOTE: https://www.trustwave.com/spiderlabs/advisories/TWSL2012-002.txt
 CVE-2010-5081 (Stack-based buffer overflow in Mini-Stream RM-MP3 Converter 3.1.2.1 ...)
 	NOT-FOR-US: Mini-Stream RM-MP3 Converter
 CVE-2009-5111 (GoAhead WebServer allows remote attackers to cause a denial of service ...)

More information about the Secure-testing-commits mailing list