[Secure-testing-commits] r19676 - data/CVE
Yves-Alexis Perez
corsac at alioth.debian.org
Sat Jul 7 12:54:01 UTC 2012
Author: corsac
Date: 2012-07-07 12:54:01 +0000 (Sat, 07 Jul 2012)
New Revision: 19676
Modified:
data/CVE/list
Log:
add CVEs for vlc/naxsi/at-spi2-atk/asterisk
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-07-06 22:08:24 UTC (rev 19675)
+++ data/CVE/list 2012-07-07 12:54:01 UTC (rev 19676)
@@ -1,8 +1,5 @@
-CVE-2012-XXXX [VLC Ogg demuxer heap overflow]
- - vlc 2.0.2-1
-CVE-2012-XXXX [naxsi: file disclosure in nx_extract]
- - nginx 1.2.1-2
- [squeeze] - nginx <not-affected> (naxsi package was introduced in 1.1.18-1)
+CVE-2012-3863 [asterisk: Possible resource leak on uncompleted re-invite transactions]
+ - asterisk <unfixed>
CVE-2012-3847 (slssvc.exe in Invensys Wonderware SuiteLink in Invensys InTouch 2012 ...)
NOT-FOR-US: Windows utility
CVE-2012-3846 (Cross-site scripting (XSS) vulnerability in index.php in PHP-pastebin ...)
@@ -958,6 +955,7 @@
RESERVED
CVE-2012-3382
RESERVED
+ - mono <unfixed>
CVE-2012-3381 [sblim-sfcb: insecure LD_LIBRARY_PATH usage]
RESERVED
NOT-FOR-US: sblim-sfcb
@@ -965,14 +963,18 @@
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=838160
NOTE: http://www.openwall.com/lists/oss-security/2012/07/06/7
NOTE: http://www.openwall.com/lists/oss-security/2012/07/06/8
-CVE-2012-3380
+CVE-2012-3380 [naxsi: file disclosure in nx_extract]
+ - nginx 1.2.1-2
+ [squeeze] - nginx <not-affected> (naxsi package was introduced in 1.1.18-1)
+CVE-2012-3379 [as31: insecure file creation in /tmp]
RESERVED
-CVE-2012-3379
+ - as31 2.3.1-5 (bug #655496)
+CVE-2012-3378 [at-spi2-atk: insecure tempdir handling]
RESERVED
-CVE-2012-3378
+ - at-spi2-atk 2.5.3-1 (bug #678026)
+CVE-2012-3377 [VLC Ogg demuxer heap overflow]
RESERVED
-CVE-2012-3377
- RESERVED
+ - vlc 2.0.2-1
CVE-2012-3376
RESERVED
CVE-2012-3375
More information about the Secure-testing-commits
mailing list