[Secure-testing-commits] r19633 - data/CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Mon Jul 2 07:08:49 UTC 2012 

Author: jmm
Date: 2012-07-02 07:08:49 +0000 (Mon, 02 Jul 2012)
New Revision: 19633

Modified:
   data/CVE/list
Log:
chromium fixed
tiff has two source packages in wheezy :-/
new harmless gimp issue


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-07-01 23:34:15 UTC (rev 19632)
+++ data/CVE/list	2012-07-02 07:08:49 UTC (rev 19633)
@@ -1200,6 +1200,8 @@
 	RESERVED
 CVE-2012-3236
 	RESERVED
+	- gimp <unfixed> (unimportant)
+	NOTE: Harmless crasher w/o security impact
 CVE-2012-3235
 	RESERVED
 CVE-2012-3234
@@ -2026,45 +2028,45 @@
 CVE-2012-2835
 	RESERVED
 CVE-2012-2834 (Integer overflow in Google Chrome before 20.0.1132.43 allows remote ...)
-	- chromium-browser <unfixed>
+	- chromium-browser 20.0.1132.43~r143823-1
 CVE-2012-2833 (Buffer overflow in the JS API in the PDF functionality in Google ...)
 	- chromium-browser <not-affected> (PDF functionality not present in Chromium)
 CVE-2012-2832 (The image-codec implementation in the PDF functionality in Google ...)
 	- chromium-browser <not-affected> (PDF functionality not present in Chromium)
 CVE-2012-2831 (Use-after-free vulnerability in Google Chrome before 20.0.1132.43 ...)
-	- chromium-browser <unfixed>
+	- chromium-browser 20.0.1132.43~r143823-1
 CVE-2012-2830 (Google Chrome before 20.0.1132.43 does not properly set array values, ...)
-	- chromium-browser <unfixed>
+	- chromium-browser 20.0.1132.43~r143823-1
 CVE-2012-2829 (Use-after-free vulnerability in the Cascading Style Sheets (CSS) ...)
-	- chromium-browser <unfixed>
+	- chromium-browser 20.0.1132.43~r143823-1
 CVE-2012-2828 (Multiple integer overflows in the PDF functionality in Google Chrome ...)
 	- chromium-browser <not-affected> (PDF functionality not present in Chromium)
 CVE-2012-2827 (Use-after-free vulnerability in the UI in Google Chrome before ...)
 	- chromium-browser <not-affected> (MacOS specific)
 CVE-2012-2826 (Google Chrome before 20.0.1132.43 does not properly implement texture ...)
-	- chromium-browser <unfixed>
+	- chromium-browser 20.0.1132.43~r143823-1
 CVE-2012-2825 (The XSL implementation in Google Chrome before 20.0.1132.43 allows ...)
 	- libxslt <unfixed> (bug #679283)
 CVE-2012-2824 (Use-after-free vulnerability in Google Chrome before 20.0.1132.43 ...)
-	- chromium-browser <unfixed>
+	- chromium-browser 20.0.1132.43~r143823-1
 CVE-2012-2823 (Use-after-free vulnerability in Google Chrome before 20.0.1132.43 ...)
-	- chromium-browser <unfixed>
+	- chromium-browser 20.0.1132.43~r143823-1
 CVE-2012-2822 (The PDF functionality in Google Chrome before 20.0.1132.43 allows ...)
 	- chromium-browser <not-affected> (PDF functionality not present in Chromium)
 CVE-2012-2821 (The autofill implementation in Google Chrome before 20.0.1132.43 does ...)
-	- chromium-browser <unfixed>
+	- chromium-browser 20.0.1132.43~r143823-1
 CVE-2012-2820 (Google Chrome before 20.0.1132.43 does not properly implement SVG ...)
-	- chromium-browser <unfixed>
+	- chromium-browser 20.0.1132.43~r143823-1
 CVE-2012-2819 (The texSubImage2D implementation in the WebGL subsystem in Google ...)
-	- chromium-browser <unfixed>
+	- chromium-browser 20.0.1132.43~r143823-1
 CVE-2012-2818 (Use-after-free vulnerability in Google Chrome before 20.0.1132.43 ...)
-	- chromium-browser <unfixed>
+	- chromium-browser 20.0.1132.43~r143823-1
 CVE-2012-2817 (Use-after-free vulnerability in Google Chrome before 20.0.1132.43 ...)
-	- chromium-browser <unfixed>
+	- chromium-browser 20.0.1132.43~r143823-1
 CVE-2012-2816 (Google Chrome before 20.0.1132.43 on Windows does not properly isolate ...)
 	- chromium-browser <unfixed>
 CVE-2012-2815 (Google Chrome before 20.0.1132.43 allows remote attackers to obtain ...)
-	- chromium-browser <unfixed>
+	- chromium-browser 20.0.1132.43~r143823-1
 CVE-2012-2814
 	RESERVED
 CVE-2012-2813
@@ -2220,8 +2222,7 @@
 	- joomla <itp> (bug #571794)
 CVE-2012-2746
 	RESERVED
-	- 389-ds <not-affected>
-	NOTE: first version uploaded to Debian includes the fix
+	- 389-ds <not-affected> (Fixed before initial upload)
 CVE-2012-2745
 	RESERVED
 CVE-2012-2744
@@ -2390,8 +2391,7 @@
 	NOT-FOR-US: Red Hat Network configuration client
 CVE-2012-2678
 	RESERVED
-	- 389-ds <not-affected>
-	NOTE: first version uploaded to Debian includes the fix
+	- 389-ds <not-affected> (Fixed before initial upload)
 CVE-2012-2677
 	RESERVED
 	- boost1.42 <removed>
@@ -3985,7 +3985,7 @@
 	RESERVED
 CVE-2012-2098
 	RESERVED
-	- libcommons-compress-java <unfixed> (low; bug #674448)
+	- libcommons-compress-java 1.4.1-1 (low; bug #674448)
 	[squeeze] - libcommons-compress-java <no-dsa> (Minor issue)
 CVE-2012-2097
 	RESERVED
@@ -4013,6 +4013,7 @@
 CVE-2012-2088
 	RESERVED
 	- tiff 4.0-1 (bug #678140)
+	- tiff3 3.9.6-6
 CVE-2012-2087
 	RESERVED
 CVE-2012-2086 [gajim sql injection]
@@ -7029,7 +7030,7 @@
 	- phpldapadmin 1.2.2-1 (bug #658907)
 CVE-2012-0833
 	RESERVED
-	NOT-FOR-US: 389 LDAP server
+	- 389-ds <not-affected> (Fixed before initial upload)
 CVE-2012-0832
 	RESERVED
 CVE-2012-0831 (PHP before 5.3.10 does not properly perform a temporary change to the ...)

More information about the Secure-testing-commits mailing list