[Secure-testing-commits] r18571 - data/CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Fri Mar 2 13:07:25 UTC 2012


Author: jmm
Date: 2012-03-02 13:07:24 +0000 (Fri, 02 Mar 2012)
New Revision: 18571

Modified:
   data/CVE/list
Log:
dolibar NFU is itp'd


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-03-01 21:14:44 UTC (rev 18570)
+++ data/CVE/list	2012-03-02 13:07:24 UTC (rev 18571)
@@ -496,9 +496,9 @@
 CVE-2012-1227 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
 	NOT-FOR-US: pluck
 CVE-2012-1226 (Multiple directory traversal vulnerabilities in Dolibarr CMS 3.2.0 ...)
-	NOT-FOR-US: Dolibarr CMS
+	- dolibarr <itp> (bug #634783)
 CVE-2012-1225 (Multiple SQL injection vulnerabilities in Dolibarr CMS 3.2.0 Alpha and ...)
-	NOT-FOR-US: Dolibarr CMS
+	- dolibarr <itp> (bug #634783)
 CVE-2012-1224 (Cross-site scripting (XSS) vulnerability in system/classes/login.php ...)
 	NOT-FOR-US: ContentLion Alpha
 CVE-2012-1223 (RabidHamster R2/Extreme 1.65 and earlier uses a small search space of ...)
@@ -13832,7 +13832,8 @@
 	- tomcat6 <not-affected> (Only affects Tomcat 7)
 CVE-2011-1474
 	RESERVED
-	NOT-FOR-US: PaX patched kernels
+	NOT-FOR-US: PaX hardening patch
+	NOTE: http://seclists.org/oss-sec/2011/q1/579
 CVE-2011-1473
 	RESERVED
 CVE-2011-1472 (The Nokia E75 phone with firmware before 211.12.01 allows physically ...)




More information about the Secure-testing-commits mailing list