[Secure-testing-commits] r18343 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Tue Jan 31 09:14:32 UTC 2012
Author: joeyh
Date: 2012-01-31 09:14:31 +0000 (Tue, 31 Jan 2012)
New Revision: 18343
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-01-31 08:11:52 UTC (rev 18342)
+++ data/CVE/list 2012-01-31 09:14:31 UTC (rev 18343)
@@ -2009,6 +2009,7 @@
CVE-2011-4886
RESERVED
CVE-2011-4885 (PHP before 5.3.9 computes hash values for form parameters without ...)
+ {DSA-2399-1}
- php5 5.3.9-1 (low)
CVE-2011-4884
RESERVED
@@ -2838,6 +2839,7 @@
NOTE: actually unfixed in experimental, not marked because of version numbering
CVE-2012-0057
RESERVED
+ {DSA-2399-1}
- php5 5.3.9-1 (bug #656308)
CVE-2012-0056 (The mem_write function in Linux kernel 2.6.39 and other versions, when ...)
- linux-2.6 3.2.1-2
@@ -3328,6 +3330,7 @@
CVE-2011-4567 (Cross-site scripting (XSS) vulnerability in ...)
NOT-FOR-US: Zen Cart
CVE-2011-4566 (Integer overflow in the exif_process_IFD_TAG function in exif.c in the ...)
+ {DSA-2399-1}
- php5 5.3.9-1
CVE-2011-4565 (Multiple cross-site scripting (XSS) vulnerabilities in XOOPS 2.5.1.a, ...)
NOT-FOR-US: XOOPS
@@ -9599,7 +9602,7 @@
{DSA-2310-1 DSA-2303-1}
- linux-2.6 2.6.39-3 (low)
CVE-2011-2483 (crypt_blowfish before 1.1, as used in PHP before 5.3.7 on certain ...)
- {DSA-2340-1}
+ {DSA-2399-1 DSA-2340-1}
- libcrypt-eksblowfish-perl <not-affected> (discovered and corrected in initial release in 2007)
- php-suhosin <unfixed> (bug #631283)
- postgresql-8.4 8.4.9-1 (bug #631285)
@@ -10992,6 +10995,7 @@
CVE-2011-1939
RESERVED
CVE-2011-1938 (Stack-based buffer overflow in the socket_connect function in ...)
+ {DSA-2399-1}
- php5 5.3.6-13 (low)
[lenny] - php5 <not-affected> (The Lenny version doesn't use memcpy)
CVE-2011-1937 (Cross-site scripting (XSS) vulnerability in Webmin 1.540 and earlier ...)
More information about the Secure-testing-commits
mailing list