[Secure-testing-commits] r18347 - data/CVE
Raphael Geissert
geissert at alioth.debian.org
Tue Jan 31 18:18:45 UTC 2012
Author: geissert
Date: 2012-01-31 18:18:44 +0000 (Tue, 31 Jan 2012)
New Revision: 18347
Modified:
data/CVE/list
Log:
remove dup suhosin issue, update the other one
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-01-31 17:15:28 UTC (rev 18346)
+++ data/CVE/list 2012-01-31 18:18:44 UTC (rev 18347)
@@ -355,11 +355,6 @@
[squeeze] - asterisk <not-affected> (Vulnerable code not present)
[lenny] - asterisk <not-affected> (Vulnerable code not present)
NOTE: AST-2012-001 http://downloads.asterisk.org/pub/security/AST-2012-001.html
-CVE-2012-XXXX [php5-suhosin Transparent Cookie Encryption Stack Buffer Overflow]
- - php5-suhosin <unfixed>
- [squeeze] - php5-suhosin <unfixed>
- [lenny] - php5-suhosin <unfixed>
- NOTE: http://seclists.org/fulldisclosure/2012/Jan/295
CVE-2012-0784
RESERVED
CVE-2012-0783
@@ -9614,7 +9609,8 @@
CVE-2011-2483 (crypt_blowfish before 1.1, as used in PHP before 5.3.7 on certain ...)
{DSA-2399-1 DSA-2340-1}
- libcrypt-eksblowfish-perl <not-affected> (discovered and corrected in initial release in 2007)
- - php-suhosin <unfixed> (bug #631283)
+ - php-suhosin <not-affected> (bug #631283; that portion is not used since PHP 5.3)
+ [lenny] - php-suhosin <unfixed> (bug #631283)
- postgresql-8.4 8.4.9-1 (bug #631285)
- postgresql-9.0 9.0.5-1 (bug #631285)
- postgresql-9.1 9.1~rc1-1
More information about the Secure-testing-commits
mailing list