[Secure-testing-commits] r19768 - data/CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Fri Jul 20 09:31:43 UTC 2012 

Author: jmm
Date: 2012-07-20 09:31:43 +0000 (Fri, 20 Jul 2012)
New Revision: 19768

Modified:
   data/CVE/list
Log:
bugnum for tiff3
new moodle issues
libjpeg-turbo ITPed


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-07-20 08:33:05 UTC (rev 19767)
+++ data/CVE/list	2012-07-20 09:31:43 UTC (rev 19768)
@@ -1321,7 +1321,7 @@
 CVE-2012-3401 [tiff2pdf heap-based buffer overflow due to improper initialization of T2P context struct pointer]
 	RESERVED
 	- tiff <unfixed> (bug #682115)
-	- tiff3 <unfixed>
+	- tiff3 <unfixed> (bug #682195)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=837577
 CVE-2012-3400
 	RESERVED
@@ -1331,28 +1331,51 @@
 	NOT-FOR-US: Basilic
 CVE-2012-3398
 	RESERVED
+	- moodle <unfixed> (bug #682203)
+	[squeeze] - moodle <no-dsa> (Minor issue)
 CVE-2012-3397
 	RESERVED
+	- moodle <unfixed> (bug #682203)
+	[squeeze] - moodle <not-affected> (Only affects >= 2.0)
 CVE-2012-3396
 	RESERVED
+	- moodle <unfixed> (bug #682203)
+	[squeeze] - moodle <not-affected> (Only affects >= 2.0)
 CVE-2012-3395
 	RESERVED
+	- moodle <unfixed> (bug #682203)
+	[squeeze] - moodle <not-affected> (Only affects >= 2.0)
 CVE-2012-3394
 	RESERVED
+	- moodle <unfixed> (bug #682203)
+	[squeeze] - moodle <not-affected> (Only affects >= 2.1)
 CVE-2012-3393
 	RESERVED
+	- moodle <unfixed> (bug #682203)
+	[squeeze] - moodle <not-affected> (Only affects >= 2.1)
 CVE-2012-3392
 	RESERVED
+	- moodle <unfixed> (bug #682203)
+	[squeeze] - moodle <not-affected> (Only affects >= 2.1)
 CVE-2012-3391
 	RESERVED
+	- moodle <unfixed> (bug #682203)
+	[squeeze] - moodle <not-affected> (Only affects >= 2.1)
 CVE-2012-3390
 	RESERVED
+	- moodle <unfixed> (bug #682203)
+	[squeeze] - moodle <not-affected> (Only affects >= 2.1)
 CVE-2012-3389
 	RESERVED
+	- moodle <unfixed> (bug #682203)
+	[squeeze] - moodle <not-affected> (Only affects >= 2.2)
 CVE-2012-3388
 	RESERVED
+	- moodle <unfixed> (bug #682203)
+	[squeeze] - moodle <not-affected> (Only affects >= 2.2)
 CVE-2012-3387
 	RESERVED
+	- moodle <not-affected> (Only affects 2.3)
 CVE-2012-3386
 	RESERVED
 	- automake <not-affected> (Vulnerable code not present)
@@ -2646,10 +2669,7 @@
 	NOTE: http://git.chromium.org/gitweb/?p=chromium/src.git;a=patch;h=f183580d61c054f7f6bb35cfe29e1b342390fbebcd
 CVE-2012-2806 [libjpeg-turbo: Heap-based buffer overflow when decompressing corrupt JPEG images]
 	RESERVED
-	TODO: check
-	NOTE: http://www.openwall.com/lists/oss-security/2012/07/17/3
-	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=826849
-	NOTE: http://libjpeg-turbo.svn.sourceforge.net/viewvc/libjpeg-turbo?view=revision&revision=830
+	- libjpeg-turbo <itp> (bug #612341)
 CVE-2012-2805
 	RESERVED
 CVE-2012-2804

More information about the Secure-testing-commits mailing list