[Secure-testing-commits] r19610 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Tue Jun 26 21:14:52 UTC 2012
Author: joeyh
Date: 2012-06-26 21:14:51 +0000 (Tue, 26 Jun 2012)
New Revision: 19610
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-06-26 18:27:38 UTC (rev 19609)
+++ data/CVE/list 2012-06-26 21:14:51 UTC (rev 19610)
@@ -1,16 +1,16 @@
CVE-2012-XXXX [extplorer CSRF]
- extplorer 2.1.0b6+dfsg.3-3
-CVE-2012-3797
+CVE-2012-3797 (Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in ...)
NOT-FOR-US: Pro-face WinGP PC Runtime
-CVE-2012-3796
+CVE-2012-3796 (Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in ...)
NOT-FOR-US: Pro-face WinGP PC Runtime
-CVE-2012-3795
+CVE-2012-3795 (Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in ...)
NOT-FOR-US: Pro-face WinGP PC Runtime
-CVE-2012-3794
+CVE-2012-3794 (Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in ...)
NOT-FOR-US: Pro-face WinGP PC Runtime
-CVE-2012-3793
+CVE-2012-3793 (Integer overflow in Pro-face WinGP PC Runtime 3.1.00 and earlier, and ...)
NOT-FOR-US: Pro-face WinGP PC Runtime
-CVE-2012-3792
+CVE-2012-3792 (Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in ...)
NOT-FOR-US: Pro-face WinGP PC Runtime
CVE-2012-3791 (Multiple SQL injection vulnerabilities in Simple Web Content ...)
NOT-FOR-US: Simple Web Content Management System
@@ -2288,11 +2288,9 @@
RESERVED
CVE-2012-2696
RESERVED
-CVE-2012-2695
- RESERVED
+CVE-2012-2695 (The Active Record component in Ruby on Rails before 3.0.14, 3.1.x ...)
- ruby-activerecord-3.2 3.2.6-1 (bug #675429)
-CVE-2012-2694
- RESERVED
+CVE-2012-2694 (actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails before ...)
- ruby-activerecord-3.2 3.2.6-1 (bug #675429)
CVE-2012-2693 (libvirt, possibly before 0.9.12, does not properly assign USB devices ...)
- libvirt 0.9.12-1 (bug #677496)
@@ -2392,13 +2390,11 @@
- iptables <unfixed> (bug #675445)
CVE-2012-2662
RESERVED
-CVE-2012-2661
- RESERVED
+CVE-2012-2661 (The Active Record component in Ruby on Rails 3.0.x before 3.0.13, ...)
- rails <not-affected> (Doesn't affects RoR in Squeeze)
- ruby-activerecord-3.2 3.2.6-1 (bug #675396; bug #675429)
NOTE: http://seclists.org/oss-sec/2012/q2/448
-CVE-2012-2660
- RESERVED
+CVE-2012-2660 (actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails before ...)
- ruby-activerecord-3.2 3.2.6-1 (bug #675429)
NOTE: http://seclists.org/oss-sec/2012/q2/449
CVE-2012-2659
@@ -2453,8 +2449,7 @@
RESERVED
CVE-2012-2640
RESERVED
-CVE-2012-2639
- RESERVED
+CVE-2012-2639 (The list_directory function in Lib/SimpleHTTPServer.py in ...)
NOTE: Duplicate with CVE-2011-4940 http://www.openwall.com/lists/oss-security/2012/06/26/3
CVE-2012-2638 (Cross-site scripting (XSS) vulnerability in SmallPICT.cgi in SmallPICT ...)
NOT-FOR-US: SmallPICT
@@ -3142,11 +3137,9 @@
[squeeze] - linux-2.6 <not-affected> (Vulnerable code not present)
CVE-2012-2382
RESERVED
-CVE-2012-2381
- RESERVED
+CVE-2012-2381 (Multiple cross-site scripting (XSS) vulnerabilities in Apache Roller ...)
NOT-FOR-US: Apache Roller
-CVE-2012-2380
- RESERVED
+CVE-2012-2380 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
NOT-FOR-US: Apache Roller
CVE-2012-2379
RESERVED
@@ -31533,8 +31526,8 @@
- kfreebsd-6 <not-affected> (jail binary not yet provided, see bug #584930)
- kfreebsd-7 <not-affected> (jail binary not yet provided, see bug #584930)
- kfreebsd-8 <not-affected> (jail binary not yet provided, see bug #584930)
-CVE-2010-2021
- RESERVED
+CVE-2010-2021 (Open redirect vulnerability in the Global Redirect module 6.x-1.x ...)
+ TODO: check
CVE-2010-2020 (sys/nfsclient/nfs_vfsops.c in the NFS client in the kernel in FreeBSD ...)
- kfreebsd-6 <removed>
[lenny] - kfreebsd-6 <no-dsa> (Minor issue, not enabled by default)
More information about the Secure-testing-commits
mailing list