[Secure-testing-commits] r19610 - data/CVE

Joey Hess joeyh at alioth.debian.org
Tue Jun 26 21:14:52 UTC 2012


Author: joeyh
Date: 2012-06-26 21:14:51 +0000 (Tue, 26 Jun 2012)
New Revision: 19610

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-06-26 18:27:38 UTC (rev 19609)
+++ data/CVE/list	2012-06-26 21:14:51 UTC (rev 19610)
@@ -1,16 +1,16 @@
 CVE-2012-XXXX [extplorer CSRF]
 	- extplorer 2.1.0b6+dfsg.3-3
-CVE-2012-3797
+CVE-2012-3797 (Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in ...)
 	NOT-FOR-US: Pro-face WinGP PC Runtime
-CVE-2012-3796
+CVE-2012-3796 (Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in ...)
 	NOT-FOR-US: Pro-face WinGP PC Runtime
-CVE-2012-3795
+CVE-2012-3795 (Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in ...)
 	NOT-FOR-US: Pro-face WinGP PC Runtime
-CVE-2012-3794
+CVE-2012-3794 (Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in ...)
 	NOT-FOR-US: Pro-face WinGP PC Runtime
-CVE-2012-3793
+CVE-2012-3793 (Integer overflow in Pro-face WinGP PC Runtime 3.1.00 and earlier, and ...)
 	NOT-FOR-US: Pro-face WinGP PC Runtime
-CVE-2012-3792
+CVE-2012-3792 (Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in ...)
 	NOT-FOR-US: Pro-face WinGP PC Runtime 
 CVE-2012-3791 (Multiple SQL injection vulnerabilities in Simple Web Content ...)
 	NOT-FOR-US: Simple Web Content Management System
@@ -2288,11 +2288,9 @@
 	RESERVED
 CVE-2012-2696
 	RESERVED
-CVE-2012-2695
-	RESERVED
+CVE-2012-2695 (The Active Record component in Ruby on Rails before 3.0.14, 3.1.x ...)
 	- ruby-activerecord-3.2 3.2.6-1 (bug #675429)
-CVE-2012-2694
-	RESERVED
+CVE-2012-2694 (actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails before ...)
 	- ruby-activerecord-3.2 3.2.6-1 (bug #675429)
 CVE-2012-2693 (libvirt, possibly before 0.9.12, does not properly assign USB devices ...)
 	- libvirt 0.9.12-1 (bug #677496)
@@ -2392,13 +2390,11 @@
 	- iptables <unfixed> (bug #675445)
 CVE-2012-2662
 	RESERVED
-CVE-2012-2661
-	RESERVED
+CVE-2012-2661 (The Active Record component in Ruby on Rails 3.0.x before 3.0.13, ...)
 	- rails <not-affected> (Doesn't affects RoR in Squeeze)
 	- ruby-activerecord-3.2 3.2.6-1 (bug #675396; bug #675429)
 	NOTE: http://seclists.org/oss-sec/2012/q2/448
-CVE-2012-2660
-	RESERVED
+CVE-2012-2660 (actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails before ...)
 	- ruby-activerecord-3.2 3.2.6-1 (bug #675429)
 	NOTE: http://seclists.org/oss-sec/2012/q2/449
 CVE-2012-2659
@@ -2453,8 +2449,7 @@
 	RESERVED
 CVE-2012-2640
 	RESERVED
-CVE-2012-2639
-	RESERVED
+CVE-2012-2639 (The list_directory function in Lib/SimpleHTTPServer.py in ...)
 	NOTE: Duplicate with CVE-2011-4940 http://www.openwall.com/lists/oss-security/2012/06/26/3
 CVE-2012-2638 (Cross-site scripting (XSS) vulnerability in SmallPICT.cgi in SmallPICT ...)
 	NOT-FOR-US: SmallPICT
@@ -3142,11 +3137,9 @@
 	[squeeze] - linux-2.6 <not-affected> (Vulnerable code not present)
 CVE-2012-2382
 	RESERVED
-CVE-2012-2381
-	RESERVED
+CVE-2012-2381 (Multiple cross-site scripting (XSS) vulnerabilities in Apache Roller ...)
 	NOT-FOR-US: Apache Roller
-CVE-2012-2380
-	RESERVED
+CVE-2012-2380 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
 	NOT-FOR-US: Apache Roller
 CVE-2012-2379
 	RESERVED
@@ -31533,8 +31526,8 @@
 	- kfreebsd-6 <not-affected> (jail binary not yet provided, see bug #584930)
 	- kfreebsd-7 <not-affected> (jail binary not yet provided, see bug #584930)
 	- kfreebsd-8 <not-affected> (jail binary not yet provided, see bug #584930)
-CVE-2010-2021
-	RESERVED
+CVE-2010-2021 (Open redirect vulnerability in the Global Redirect module 6.x-1.x ...)
+	TODO: check
 CVE-2010-2020 (sys/nfsclient/nfs_vfsops.c in the NFS client in the kernel in FreeBSD ...)
 	- kfreebsd-6 <removed>
 	[lenny] - kfreebsd-6 <no-dsa> (Minor issue, not enabled by default)




More information about the Secure-testing-commits mailing list