[Secure-testing-commits] r19772 - data/CVE
Moritz Muehlenhoff
jmm at alioth.debian.org
Fri Jul 20 12:10:50 UTC 2012
Author: jmm
Date: 2012-07-20 12:10:50 +0000 (Fri, 20 Jul 2012)
New Revision: 19772
Modified:
data/CVE/list
Log:
mysql-5.1 bugnum
mark dubious mysql issue as <undetermined>
new ecryptfs-utils issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-07-20 11:01:28 UTC (rev 19771)
+++ data/CVE/list 2012-07-20 12:10:50 UTC (rev 19772)
@@ -1283,6 +1283,7 @@
[squeeze] - bash <no-dsa> (Minor issue)
CVE-2012-3409
RESERVED
+ - ecryptfs-utils <unfixed>
CVE-2012-3408 [Puppet allows agents with certnames of IP addresses to be impersonated]
RESERVED
- puppet <unfixed> (low)
@@ -5460,7 +5461,7 @@
- mysql-5.5 <unfixed> (bug #682210)
CVE-2012-1734
RESERVED
- - mysql-5.1 <removed>
+ - mysql-5.1 <removed> (bug #682212)
- mysql-5.5 <unfixed> (bug #682210)
CVE-2012-1733
RESERVED
@@ -5577,8 +5578,8 @@
- mysql-5.5 5.5.23-1
CVE-2012-1689
RESERVED
- - mysql-5.1 <removed>
- - mysql-5.5 <unfixed> (bug #682210)
+ - mysql-5.1 <removed> (bug #682212)
+ - mysql-5.5 <unfixed> (bug #682210)
CVE-2012-1688 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
{DSA-2496-1}
- mysql-5.1 5.1.62-1 (bug #670636)
@@ -6856,7 +6857,6 @@
NOTE: memory leak
CVE-2012-1147 (readfilemap.c in expat before 2.1.0 allows context-dependent attackers ...)
- expat <not-affected> (readfilemap.c is not used in *IX)
- NOTE: resource leak
CVE-2012-1146 (The mem_cgroup_usage_unregister_event function in mm/memcontrol.c in ...)
- linux-2.6 3.2.10-1 (low)
[squeeze] - linux-2.6 <not-affected> (Vulnerable code not present)
@@ -7521,9 +7521,9 @@
- apache2 <not-affected> (LD_LIBRARY_PATH not set in debian package)
CVE-2012-0882
RESERVED
- - mysql-5.1 <unfixed> (bug #675872)
+ - mysql-5.1 <undetermined> (bug #675872)
NOTE: limited information about issue, only a video of exploit taking place
- NOTE: see redhat link
+ NOTE: This is likely fixed in current releases (5.1.62 updated yassl), marking as <undetermined> for now
CVE-2012-0881
RESERVED
CVE-2012-0880
@@ -8384,7 +8384,7 @@
NOT-FOR-US: Oracle Financial Services Software
CVE-2012-0540
RESERVED
- - mysql-5.1 <removed>
+ - mysql-5.1 <removed> (bug #682212)
- mysql-5.5 <unfixed> (bug #682210)
CVE-2012-0539 (Unspecified vulnerability in Oracle Sun Solaris 8, 9, and 10 allows ...)
NOT-FOR-US: Oracle Sun Solaris
More information about the Secure-testing-commits
mailing list