[Secure-testing-commits] r18308 - data/CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Fri Jan 27 07:15:30 UTC 2012 

Author: jmm
Date: 2012-01-27 07:15:29 +0000 (Fri, 27 Jan 2012)
New Revision: 18308

Modified:
   data/CVE/list
Log:
bip fixed
new moodle issues
new qemu-kvm issue (fixed)


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-01-26 23:13:02 UTC (rev 18307)
+++ data/CVE/list	2012-01-27 07:15:29 UTC (rev 18308)
@@ -234,7 +234,7 @@
 CVE-2012-0806 [bip: buffer overflow]
 	RESERVED
 	{DSA-2393-1}
-	- bip <unfixed> (bug #657217)
+	- bip 0.8.8-2 (bug #657217)
 	[lenny] - bip <not-affected> (Maintainer reports vulnerable code not present)
 CVE-2012-0805
 	RESERVED
@@ -245,26 +245,36 @@
 CVE-2012-0802 [spamdyke: incorrect use of the "snprintf()" and "vsnprintf()" func]
 	RESERVED
 	NOT-FOR-US: spamdyke
-CVE-2012-0801
+CVE-2012-0801 [MSA-12-0012: Form validation issue]
 	RESERVED
-CVE-2012-0800
+	- moodle <not-affected> (Only affects 2.x)
+CVE-2012-0800 [MSA-12-0011: Browser autofill password issue]
 	RESERVED
-CVE-2012-0799
+	- moodle <not-affected> (Only affects 2.x)
+CVE-2012-0799 [MSA-12-0010: Unauthorised access to session key]
 	RESERVED
-CVE-2012-0798
+	- moodle <not-affected> (Only affects 2.x)
+CVE-2012-0798 [MSA-12-0009: Role access issue]
 	RESERVED
-CVE-2012-0797
+	- moodle <not-affected> (Only affects 2.x)
+CVE-2012-0797 [MSA-12-0008: Unsynchronised access via tokens]
 	RESERVED
-CVE-2012-0796
+	- moodle <not-affected> (Only affects 2.x)
+CVE-2012-0796 [MSA-12-0007: Email injection prevention]
 	RESERVED
-CVE-2012-0795
+	- moodle <unfixed>
+CVE-2012-0795 [MSA-12-0006: Additional email address validation]
 	RESERVED
-CVE-2012-0794
+	- moodle <unfixed>
+CVE-2012-0794 [MSA-12-0005: Encryption enhancement]
 	RESERVED
-CVE-2012-0793
+	- moodle <unfixed>
+CVE-2012-0793 [MSA-12-0004: Added profile image security]
 	RESERVED
-CVE-2012-0792
+	- moodle <unfixed>
+CVE-2012-0792 [MSA-12-0002: Personal information leak]
 	RESERVED
+	- moodle <unfixed>
 CVE-2012-0791 (Multiple cross-site scripting (XSS) vulnerabilities in Horde IMP ...)
 	TODO: check
 CVE-2012-0790 (Cross-site scripting (XSS) vulnerability in smokeping_cgi in Smokeping ...)
@@ -2855,6 +2865,7 @@
 	- nova <unfixed>
 CVE-2012-0029
 	RESERVED
+	- qemu-kvm 1.0+dfsg-5
 CVE-2012-0028
 	RESERVED
 	- linux-2.6 2.6.32-1

More information about the Secure-testing-commits mailing list