[Secure-testing-commits] r18319 - data/CVE
Paul Wise
pabs at alioth.debian.org
Sat Jan 28 07:33:04 UTC 2012
Author: pabs
Date: 2012-01-28 07:33:04 +0000 (Sat, 28 Jan 2012)
New Revision: 18319
Modified:
data/CVE/list
Log:
A couple of curl issues fixed in sid/testing
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-01-27 22:08:47 UTC (rev 18318)
+++ data/CVE/list 2012-01-28 07:33:04 UTC (rev 18319)
@@ -2858,8 +2858,9 @@
- linux-2.6 <unfixed>
CVE-2012-0037
RESERVED
-CVE-2012-0036
+CVE-2012-0036 (URL sanitization vulnerability)
RESERVED
+ - curl 7.24.0-1
CVE-2012-0035 (Untrusted search path vulnerability in EDE in CEDET before 1.0.1, as ...)
- cedet <unfixed> (low; bug #655299)
- emacs23 <unfixed> (low; bug #655300)
@@ -6864,6 +6865,7 @@
- chromium-browser <unfixed>
- webkit <unfixed>
NOTE: strictly speaking this is no lighttpd issue, but lighttpd adds a workaround
+ - curl 7.24.0-1
CVE-2011-3388 (Opera before 11.51 allows remote attackers to cause an insecure site ...)
NOT-FOR-US: Opera
CVE-2011-3387 (The class file parser in IBM Java 1.4.2 SR13 FP9 allows remote ...)
More information about the Secure-testing-commits
mailing list