[Secure-testing-commits] r19586 - in data: . CVE
Moritz Muehlenhoff
jmm at alioth.debian.org
Mon Jun 25 07:17:42 UTC 2012
Author: jmm
Date: 2012-06-25 07:17:41 +0000 (Mon, 25 Jun 2012)
New Revision: 19586
Modified:
data/CVE/list
data/spu-candidates.txt
Log:
openjdk-6 fixed
mark python hash collision issues as no-dsa
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-06-25 06:02:27 UTC (rev 19585)
+++ data/CVE/list 2012-06-25 07:17:41 UTC (rev 19586)
@@ -4749,13 +4749,13 @@
CVE-2012-1726 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
- openjdk-7 7~u3-2.1.1-1 (bug #677486)
CVE-2012-1725 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
- - openjdk-6 <unfixed> (bug #677487)
+ - openjdk-6 6b24-1.11.3-1 (bug #677487)
- openjdk-7 7~u3-2.1.1-1 (bug #677486)
CVE-2012-1724 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
- - openjdk-6 <unfixed> (bug #677487)
+ - openjdk-6 6b24-1.11.3-1 (bug #677487)
- openjdk-7 7~u3-2.1.1-1 (bug #677486)
CVE-2012-1723 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
- - openjdk-6 <unfixed> (bug #677487)
+ - openjdk-6 6b24-1.11.3-1 (bug #677487)
- openjdk-7 7~u3-2.1.1-1 (bug #677486)
CVE-2012-1722 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
- openjdk-6 <not-affected> (specific to Oracle Java)
@@ -4767,28 +4767,28 @@
- openjdk-6 <unfixed> (bug #677487)
- openjdk-7 <unfixed>
CVE-2012-1719 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
- - openjdk-6 <unfixed> (bug #677487)
+ - openjdk-6 6b24-1.11.3-1 (bug #677487)
- openjdk-7 7~u3-2.1.1-1 (bug #677486)
CVE-2012-1718 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
- - openjdk-6 <unfixed> (bug #677487)
+ - openjdk-6 6b24-1.11.3-1 (bug #677487)
- openjdk-7 7~u3-2.1.1-1 (bug #677486)
CVE-2012-1717 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
- - openjdk-6 <unfixed> (bug #677487)
+ - openjdk-6 6b24-1.11.3-1 (bug #677487)
- openjdk-7 7~u3-2.1.1-1 (bug #677486)
CVE-2012-1716 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
- - openjdk-6 <unfixed> (bug #677487)
+ - openjdk-6 6b24-1.11.3-1 (bug #677487)
- openjdk-7 7~u3-2.1.1-1 (bug #677486)
CVE-2012-1715
RESERVED
CVE-2012-1714
RESERVED
CVE-2012-1713 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
- - openjdk-6 <unfixed> (bug #677487)
+ - openjdk-6 6b24-1.11.3-1 (bug #677487)
- openjdk-7 7~u3-2.1.1-1 (bug #677486)
CVE-2012-1712
RESERVED
CVE-2012-1711 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
- - openjdk-6 <unfixed> (bug #677487)
+ - openjdk-6 6b24-1.11.3-1 (bug #677487)
- openjdk-7 7~u3-2.1.1-1 (bug #677486)
CVE-2012-1710 (Unspecified vulnerability in the Oracle WebCenter Forms Recognition ...)
NOT-FOR-US: Oracle Fusion
@@ -6103,13 +6103,12 @@
- libdbd-pg-perl 2.19.0-1 (bug #661536)
CVE-2012-1150
RESERVED
- - python2.6 2.6.8-0.1 (unimportant)
- - python2.7 <unfixed> (unimportant)
- - python3.2 <unfixed> (unimportant)
- [squeeze] - python2.5 <no-dsa> (unimportant)
- [squeeze] - python2.6 <no-dsa> (unimportant)
- [squeeze] - python3.1 <no-dsa> (unimportant)
- NOTE: the same hash DoS attack as other languages/bindings
+ - python2.6 2.6.8-0.1 (low)
+ - python2.7 <unfixed> (low)
+ - python3.2 <unfixed> (low)
+ [squeeze] - python2.5 <no-dsa> (Minor issue)
+ [squeeze] - python2.6 <no-dsa> (Minor issue)
+ [squeeze] - python3.1 <no-dsa> (Minor issue)
CVE-2012-1149 (Integer overflow in the vclmi.dll module in OpenOffice.org (OOo) 3.3, ...)
{DSA-2487-1 DSA-2473-1}
- libreoffice 1:3.4.5-1
Modified: data/spu-candidates.txt
===================================================================
--- data/spu-candidates.txt 2012-06-25 06:02:27 UTC (rev 19585)
+++ data/spu-candidates.txt 2012-06-25 07:17:41 UTC (rev 19586)
@@ -380,6 +380,8 @@
python2.5 (CVE-2011-4940 [python: potential XSS in SimpleHTTPServer's list_directory()])
http://www.openwall.com/lists/oss-security/2012/03/14/11
+CVE-2012-1150
+
--
python2.6 (CVE-2011-4940 [python: potential XSS in SimpleHTTPServer's list_directory()])
@@ -390,8 +392,16 @@
#650555
http://bugs.python.org/file23824/pypirc-secure.diff
+CVE-2012-1150
+
--
+python3.1
+
+CVE-2012-1150
+
+--
+
python-tornado (CVE-2012-2374)
#673987
More information about the Secure-testing-commits
mailing list