[Secure-testing-commits] r19667 - data/CVE

Yves-Alexis Perez corsac at alioth.debian.org
Thu Jul 5 06:34:06 UTC 2012


Author: corsac
Date: 2012-07-05 06:34:05 +0000 (Thu, 05 Jul 2012)
New Revision: 19667

Modified:
   data/CVE/list
Log:
mark apt as vulnerable to net-update GPG issues (code is present)  but mark
them as unimportant as net-update is disabled by default in Debian


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-07-05 06:17:39 UTC (rev 19666)
+++ data/CVE/list	2012-07-05 06:34:05 UTC (rev 19667)
@@ -492,7 +492,8 @@
 CVE-2012-3588 (Directory traversal vulnerability in preview.php in the Plugin ...)
 	NOT-FOR-US: Wordpress plugin
 CVE-2012-3587 (APT 0.7.x before 0.7.25 and 0.8.x before 0.8.16, when using the ...)
-	- apt <unfixed>
+	- apt <unfixed> (unimportant)
+	NOTE: net-update is disabled by default on Debian
 CVE-2012-3586
 	RESERVED
 CVE-2012-3585
@@ -6739,7 +6740,8 @@
 CVE-2012-0955
 	RESERVED
 CVE-2012-0954 (APT 0.7.x before 0.7.25 and 0.8.x before 0.8.16, when using the ...)
-	TODO: check
+	- apt <unfixed> (unimportant)
+	NOTE: net-update is not enabled by default in Debian
 CVE-2012-0953
 	RESERVED
 CVE-2012-0952




More information about the Secure-testing-commits mailing list