[Secure-testing-commits] r19520 - data/CVE

Luk Claes luk at alioth.debian.org
Sun Jun 17 15:49:05 UTC 2012 

Author: luk
Date: 2012-06-17 15:49:05 +0000 (Sun, 17 Jun 2012)
New Revision: 19520

Modified:
   data/CVE/list
Log:
mark clamav issues as fixed/invalid

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-06-17 15:43:55 UTC (rev 19519)
+++ data/CVE/list	2012-06-17 15:49:05 UTC (rev 19520)
@@ -4935,13 +4935,13 @@
 CVE-2012-1460 (The Gzip file parser in Antiy Labs AVL SDK 2.0.3.7, Quick Heal (aka ...)
 	NOT-FOR-US: multiple Anti-Virus applications
 CVE-2012-1459 (The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, ...)
-	- clamav <unfixed> (low; bug #668273)
+	- clamav 0.97.5+dfsg-1 (low; bug #668273)
 	[squeeze] - clamav <no-dsa> (Minor issue)
 CVE-2012-1458 (The Microsoft CHM file parser in ClamAV 0.96.4 and Sophos Anti-Virus ...)
-	- clamav <unfixed> (low; bug #668273)
+	- clamav 0.97.5+dfsg-1 (low; bug #668273)
 	[squeeze] - clamav <no-dsa> (Minor issue)
 CVE-2012-1457 (The TAR file parser in Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK ...)
-	- clamav <unfixed> (low; bug #668273)
+	- clamav 0.97.5+dfsg-1 (low; bug #668273)
 	[squeeze] - clamav <no-dsa> (Minor issue)
 CVE-2012-1456 (The TAR file parser in AVG Anti-Virus 10.0.0.1190, Quick Heal (aka Cat ...)
 	NOT-FOR-US: multiple Anti-Virus applications
@@ -4970,8 +4970,7 @@
 CVE-2012-1444 (The ELF file parser in eSafe 7.0.17.0, Prevx 3.0, Fortinet Antivirus ...)
 	NOT-FOR-US: multiple Anti-Virus applications
 CVE-2012-1443 (The RAR file parser in ClamAV 0.96.4, Rising Antivirus 22.83.00.03, ...)
-	- clamav <unfixed> (low; bug #668273)
-	[squeeze] - clamav <no-dsa> (Minor issue)
+	NOTE: clamav, but upstream evaluated it as invalid (#668273)
 CVE-2012-1442 (The ELF file parser in Quick Heal (aka Cat QuickHeal) 11.00, McAfee ...)
 	NOT-FOR-US: Multiple Antivirus applications
 CVE-2012-1441 (The Microsoft EXE file parser in eSafe 7.0.17.0 and Prevx 3.0 allows ...)
@@ -5019,7 +5018,7 @@
 CVE-2012-1420 (The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, Command ...)
 	NOT-FOR-US: multiple Antivirus applications
 CVE-2012-1419 (The TAR file parser in ClamAV 0.96.4 and Quick Heal (aka Cat ...)
-	- clamav <unfixed> (low; bug #668273)
+	- clamav 0.97.5+dfsg-1 (low; bug #668273)
 	[squeeze] - clamav <no-dsa> (Minor issue)
 CVE-2012-1418 (Multiple unspecified vulnerabilities in Google Chrome before ...)
 	- chromium-browser <undetermined>

More information about the Secure-testing-commits mailing list