[Secure-testing-commits] r19769 - data/CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Fri Jul 20 10:31:36 UTC 2012 

Author: jmm
Date: 2012-07-20 10:31:36 +0000 (Fri, 20 Jul 2012)
New Revision: 19769

Modified:
   data/CVE/list
Log:
puppet no-dsa
new mysql issues


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-07-20 09:31:43 UTC (rev 19768)
+++ data/CVE/list	2012-07-20 10:31:36 UTC (rev 19769)
@@ -1282,8 +1282,10 @@
 	RESERVED
 CVE-2012-3408 [Puppet allows agents with certnames of IP addresses to be impersonated]
 	RESERVED
-	- puppet <unfixed> (medium)
+	- puppet <unfixed> (low)
+	[squeeze] - puppet <no-dsa> (Minor issue)
 	NOTE: http://puppetlabs.com/security/cve/cve-2012-3408/
+	NOTE: There's no code fix, but this should be addressed in stable with a NEWS file warning about this
 CVE-2012-3407
 	RESERVED
 	NOT-FOR-US: plow
@@ -2796,7 +2798,7 @@
 CVE-2012-2749
 	RESERVED
 	{DSA-2496-1}
-	- mysql-5.1 <unfixed>
+	- mysql-5.1 <removed>
 	- mysql-5.5 5.5.24+dfsg-1
 CVE-2012-2748 (Unspecified vulnerability in Joomla! 2.5.x before 2.5.5 allows remote ...)
 	- joomla <itp> (bug #571794)
@@ -5403,8 +5405,12 @@
 	RESERVED
 CVE-2012-1757
 	RESERVED
+	- mysql-5.1 <not-affected> (Only affects 5.5)
+	- mysql-5.5 <unfixed> (bug #682210)
 CVE-2012-1756
 	RESERVED
+	- mysql-5.1 <not-affected> (Only affects 5.5)
+	- mysql-5.5 <unfixed> (bug #682210)
 CVE-2012-1755
 	RESERVED
 CVE-2012-1754
@@ -5447,8 +5453,12 @@
 	RESERVED
 CVE-2012-1735
 	RESERVED
+	- mysql-5.1 <not-affected> (Only affects 5.5)
+	- mysql-5.5 <unfixed> (bug #682210)
 CVE-2012-1734
 	RESERVED
+	- mysql-5.1 <removed>
+	- mysql-5.5 <unfixed> (bug #682210)
 CVE-2012-1733
 	RESERVED
 CVE-2012-1732
@@ -5564,6 +5574,8 @@
 	- mysql-5.5 5.5.23-1
 CVE-2012-1689
 	RESERVED
+	- mysql-5.1 <removed>
+	- mysql-5.5 <unfixed>  (bug #682210)
 CVE-2012-1688 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
 	{DSA-2496-1}
 	- mysql-5.1 5.1.62-1 (bug #670636)
@@ -8369,6 +8381,8 @@
 	NOT-FOR-US: Oracle Financial Services Software
 CVE-2012-0540
 	RESERVED
+	- mysql-5.1 <removed>
+	- mysql-5.5 <unfixed> (bug #682210)
 CVE-2012-0539 (Unspecified vulnerability in Oracle Sun Solaris 8, 9, and 10 allows ...)
 	NOT-FOR-US: Oracle Sun Solaris
 CVE-2012-0538 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)

More information about the Secure-testing-commits mailing list