[Secure-testing-commits] r19458 - data/CVE

Joey Hess joeyh at alioth.debian.org
Thu Jun 7 21:14:36 UTC 2012 

Author: joeyh
Date: 2012-06-07 21:14:35 +0000 (Thu, 07 Jun 2012)
New Revision: 19458

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-06-07 19:55:23 UTC (rev 19457)
+++ data/CVE/list	2012-06-07 21:14:35 UTC (rev 19458)
@@ -1828,6 +1828,7 @@
 	NOT-FOR-US: Incomplete wrapper provided by PHP as workaround for CVE-2012-1823/CVE-2012-2311
 CVE-2012-2334 [filter/source/msfilter msdffimp.cxx issue]
 	RESERVED
+	{DSA-2487-1}
 	- libreoffice 1:3.5.2~rc2-1
 	- openoffice.org 1:3.3.0-1
 	NOTE: Since 3.3.0 openoffice.org is a transitional source package
@@ -2820,6 +2821,7 @@
 CVE-2012-1948
 	RESERVED
 CVE-2012-1947 (Heap-based buffer overflow in the utf16_to_isolatin1 function in ...)
+	{DSA-2489-1 DSA-2488-1}
 	- iceweasel 10.0.5esr-1
 CVE-2012-1946 (Use-after-free vulnerability in the nsINode::ReplaceOrInsertBefore ...)
 	- iceweasel 10.0.5esr-1
@@ -2834,12 +2836,14 @@
 CVE-2012-1941 (Heap-based buffer overflow in the ...)
 	- iceweasel 10.0.5esr-1
 CVE-2012-1940 (Use-after-free vulnerability in the nsFrameList::FirstChild function ...)
+	{DSA-2489-1 DSA-2488-1}
 	- iceweasel 10.0.5esr-1
 CVE-2012-1939 (jsinfer.cpp in Mozilla Firefox ESR 10.x before 10.0.5 and Thunderbird ...)
 	- iceweasel 10.0.5esr-1
 CVE-2012-1938 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
 	- iceweasel <not-affected> (Only affects iceweasel from experimental)
 CVE-2012-1937 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+	{DSA-2489-1 DSA-2488-1}
 	- iceweasel 10.0.5esr-1
 CVE-2012-1936 (** DISPUTED ** The wp_create_nonce function in ...)
 	NOT-FOR-US: Disputed Wordpress issue
@@ -4644,7 +4648,7 @@
 	NOTE: the same hash DoS attack as other languages/bindings
 CVE-2012-1149
 	RESERVED
-	{DSA-2473-1}
+	{DSA-2487-1 DSA-2473-1}
 	- libreoffice 1:3.4.5-1
 	- openoffice.org 1:3.3.0-1
 	NOTE: Since 3.3.0 openoffice.org is a transitional source package to migrate to libreoffice
@@ -6567,6 +6571,7 @@
 	- iceape 2.0.14-10
 	[lenny] - iceape <not-affected> (Only a stub package)
 CVE-2012-0441 (The ASN.1 decoder in the QuickDER decoder in Mozilla Network Security ...)
+	{DSA-2490-1}
 	- nss 3.13.4-1
 CVE-2012-0440 (Cross-site request forgery (CSRF) vulnerability in jsonrpc.cgi in ...)
 	- bugzilla <removed> (low)

More information about the Secure-testing-commits mailing list