[Secure-testing-commits] r19751 - in data: CVE DSA

Henri Salo fgeek-guest at alioth.debian.org
Tue Jul 17 18:37:27 UTC 2012


Author: fgeek-guest
Date: 2012-07-17 18:37:27 +0000 (Tue, 17 Jul 2012)
New Revision: 19751

Modified:
   data/CVE/list
   data/DSA/list
Log:
CVE-2012-3408 is not yet fixed in Debian packages. Discussed with Stig Sandbeck Mathisen and Sven Mueller.

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-07-17 09:14:25 UTC (rev 19750)
+++ data/CVE/list	2012-07-17 18:37:27 UTC (rev 19751)
@@ -1280,8 +1280,7 @@
 	RESERVED
 CVE-2012-3408 [Puppet allows agents with certnames of IP addresses to be impersonated]
 	RESERVED
-	{DSA-2511-1}
-	- puppet 2.7.18-1 (medium)
+	- puppet <unfixed> (medium)
 	NOTE: http://puppetlabs.com/security/cve/cve-2012-3408/
 CVE-2012-3407
 	RESERVED

Modified: data/DSA/list
===================================================================
--- data/DSA/list	2012-07-17 09:14:25 UTC (rev 19750)
+++ data/DSA/list	2012-07-17 18:37:27 UTC (rev 19751)
@@ -2,7 +2,7 @@
 	{CVE-2012-3382}
 	[squeeze] - mono 2.6.7-5.1
 [12 Jul 2012] DSA-2511-1 puppet - several
-	{CVE-2012-3408 CVE-2012-3864 CVE-2012-3865 CVE-2012-3866 CVE-2012-3867}
+	{CVE-2012-3864 CVE-2012-3865 CVE-2012-3866 CVE-2012-3867}
 	[squeeze] - puppet 2.6.2-5+squeeze6
 [12 Jul 2012] DSA-2510-1 extplorer - Cross-site request forgery
 	{CVE-2012-3362}




More information about the Secure-testing-commits mailing list