[Secure-testing-commits] r19541 - in data: . CVE DSA

Moritz Muehlenhoff jmm at alioth.debian.org
Wed Jun 20 15:31:07 UTC 2012 

Author: jmm
Date: 2012-06-20 15:31:06 +0000 (Wed, 20 Jun 2012)
New Revision: 19541

Modified:
   data/CVE/list
   data/DSA/list
   data/spu-candidates.txt
Log:
mosh/vte no-dsa
filed bug for qemu
another mysql issue fixed in recent DSA


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-06-20 15:01:12 UTC (rev 19540)
+++ data/CVE/list	2012-06-20 15:31:06 UTC (rev 19541)
@@ -1732,7 +1732,8 @@
 	NOTE: http://www.openwall.com/lists/oss-security/2012/06/17/1
 CVE-2012-2738
 	RESERVED
-	- libvte9 <unfixed> (bug #677717)
+	- vte <unfixed> (bug #677717)
+	[squeeze] - vte <no-dsa> (Minor issue)
 CVE-2012-2737
 	RESERVED
 CVE-2012-2736 [NetworkManager: creating new WPA-secured wireless network results in insecure network being created instead]
@@ -1961,7 +1962,7 @@
 	NOTE: Debian build includes the vulnerable patch (in .diff.gz)
 CVE-2012-2652 [vulnerable to temporary file symlink attacks]
 	RESERVED
-	- qemu <unfixed>
+	- qemu <unfixed> (bug #678280)
 CVE-2012-2651
 	RESERVED
 CVE-2012-2650
@@ -2662,7 +2663,8 @@
 	- php5 5.4.4~rc1-1
 CVE-2012-2385 [malicious escape sequences can cause denial of service for mosh-server]
 	RESERVED
-	- mosh 1.2.1-1 (bug #673871)
+	- mosh 1.2.1-1 (low; bug #673871)
+	[squeeze] - mosh 1.2.1-1 (low; bug #673871)
 	NOTE: https://github.com/keithw/mosh/issues/271
 	NOTE: https://github.com/keithw/mosh/commit/9791768705528e911bfca6c4d8aa88139035060e
 CVE-2012-2384 (Integer overflow in the i915_gem_do_execbuffer function in ...)

Modified: data/DSA/list
===================================================================
--- data/DSA/list	2012-06-20 15:01:12 UTC (rev 19540)
+++ data/DSA/list	2012-06-20 15:31:06 UTC (rev 19541)
@@ -1,5 +1,5 @@
 [18 Jun 2012] DSA-2496-1 mysql-5.1 - several
-	{CVE-2012-0583 CVE-2012-1688 CVE-2012-1690 CVE-2012-1703 CVE-2012-2122 CVE-2012-2749}
+	{CVE-2012-0583 CVE-2012-1688 CVE-2012-1690 CVE-2012-1703 CVE-2012-2102 CVE-2012-2122 CVE-2012-2749}
 	[squeeze] - mysql-5.1 5.1.63-0+squeeze1
 [16 Jun 2012] DSA-2495-1 openconnect - buffer overflow
 	{CVE-2012-3291}

Modified: data/spu-candidates.txt
===================================================================
--- data/spu-candidates.txt	2012-06-20 15:01:12 UTC (rev 19540)
+++ data/spu-candidates.txt	2012-06-20 15:31:06 UTC (rev 19541)
@@ -485,6 +485,11 @@
 
 --
 
+vte (CVE-2012-2738)
+#677717
+
+--
+
 xinetd (CVE-2012-0862)
 https://bugzilla.redhat.com/show_bug.cgi?id=790940

More information about the Secure-testing-commits mailing list