[Secure-testing-commits] r18606 - data/CVE

Joey Hess joeyh at alioth.debian.org
Tue Mar 6 21:14:29 UTC 2012 

Author: joeyh
Date: 2012-03-06 21:14:28 +0000 (Tue, 06 Mar 2012)
New Revision: 18606

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-03-06 21:13:24 UTC (rev 18605)
+++ data/CVE/list	2012-03-06 21:14:28 UTC (rev 18606)
@@ -1,3 +1,5 @@
+CVE-2012-1499
+	RESERVED
 CVE-2012-1498
 	RESERVED
 CVE-2012-1497 (The default configuration of Movable Type before 4.38, 5.0x before ...)
@@ -1661,10 +1663,10 @@
 	RESERVED
 CVE-2012-0770
 	RESERVED
-CVE-2012-0769
-	RESERVED
-CVE-2012-0768
-	RESERVED
+CVE-2012-0769 (Adobe Flash Player before 10.3.183.16 and 11.x before 11.1.102.63 on ...)
+	TODO: check
+CVE-2012-0768 (The Matrix3D component in Adobe Flash Player before 10.3.183.16 and ...)
+	TODO: check
 CVE-2012-0767 (Cross-site scripting (XSS) vulnerability in Adobe Flash Player before ...)
 	NOT-FOR-US: Adobe Flash
 CVE-2012-0766 (The Shockwave 3D Asset component in Adobe Shockwave Player before ...)
@@ -2695,8 +2697,8 @@
 	RESERVED
 CVE-2012-0323
 	RESERVED
-CVE-2012-0322
-	RESERVED
+CVE-2012-0322 (The EStrongs ES File Explorer application 1.6.0.2 through 1.6.1.1 for ...)
+	TODO: check
 CVE-2012-0321 (Unspecified vulnerability in the device driver in Kingsoft Internet ...)
 	TODO: check
 CVE-2012-0320 (Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13 ...)
@@ -3304,9 +3306,11 @@
 	RESERVED
 CVE-2012-0248
 	RESERVED
+	{DSA-2427-1}
 	- imagemagick 8:6.6.9.7-6 (low; bug #659339)
 CVE-2012-0247
 	RESERVED
+	{DSA-2427-1}
 	- imagemagick 8:6.6.9.7-6 (bug #659339)
 CVE-2012-0246
 	RESERVED
@@ -3609,10 +3613,10 @@
 	TODO: check
 CVE-2012-0200 (The server in IBM solidDB 6.5 before Interim Fix 6 does not properly ...)
 	NOT-FOR-US: IBM solidDB
-CVE-2012-0199
-	RESERVED
-CVE-2012-0198
-	RESERVED
+CVE-2012-0199 (Multiple SQL injection vulnerabilities in IBM Tivoli Provisioning ...)
+	TODO: check
+CVE-2012-0198 (Stack-based buffer overflow in the RunAndUploadFile method in the ...)
+	TODO: check
 CVE-2012-0197
 	RESERVED
 CVE-2012-0196
@@ -9320,34 +9324,34 @@
 	RESERVED
 CVE-2011-3045
 	RESERVED
-CVE-2011-3044
-	RESERVED
-CVE-2011-3043
-	RESERVED
-CVE-2011-3042
-	RESERVED
-CVE-2011-3041
-	RESERVED
-CVE-2011-3040
-	RESERVED
-CVE-2011-3039
-	RESERVED
-CVE-2011-3038
-	RESERVED
-CVE-2011-3037
-	RESERVED
-CVE-2011-3036
-	RESERVED
-CVE-2011-3035
-	RESERVED
-CVE-2011-3034
-	RESERVED
-CVE-2011-3033
-	RESERVED
-CVE-2011-3032
-	RESERVED
-CVE-2011-3031
-	RESERVED
+CVE-2011-3044 (Use-after-free vulnerability in Google Chrome before 17.0.963.65 ...)
+	TODO: check
+CVE-2011-3043 (Use-after-free vulnerability in Google Chrome before 17.0.963.65 ...)
+	TODO: check
+CVE-2011-3042 (Use-after-free vulnerability in Google Chrome before 17.0.963.65 ...)
+	TODO: check
+CVE-2011-3041 (Use-after-free vulnerability in Google Chrome before 17.0.963.65 ...)
+	TODO: check
+CVE-2011-3040 (Google Chrome before 17.0.963.65 does not properly handle text, which ...)
+	TODO: check
+CVE-2011-3039 (Use-after-free vulnerability in Google Chrome before 17.0.963.65 ...)
+	TODO: check
+CVE-2011-3038 (Use-after-free vulnerability in Google Chrome before 17.0.963.65 ...)
+	TODO: check
+CVE-2011-3037 (Google Chrome before 17.0.963.65 does not properly perform casts of ...)
+	TODO: check
+CVE-2011-3036 (Google Chrome before 17.0.963.65 does not properly perform a cast of ...)
+	TODO: check
+CVE-2011-3035 (Use-after-free vulnerability in Google Chrome before 17.0.963.65 ...)
+	TODO: check
+CVE-2011-3034 (Use-after-free vulnerability in Google Chrome before 17.0.963.65 ...)
+	TODO: check
+CVE-2011-3033 (Buffer overflow in Skia, as used in Google Chrome before 17.0.963.65, ...)
+	TODO: check
+CVE-2011-3032 (Use-after-free vulnerability in Google Chrome before 17.0.963.65 ...)
+	TODO: check
+CVE-2011-3031 (Use-after-free vulnerability in the element wrapper in Google V8, as ...)
+	TODO: check
 CVE-2011-3030
 	RESERVED
 CVE-2011-3029
@@ -9857,7 +9861,7 @@
 CVE-2011-2897
 	RESERVED
 CVE-2011-2896 (The LZW decompressor in the LWZReadByte function in giftoppm.c in the ...)
-	{DSA-2354-1}
+	{DSA-2426-1 DSA-2354-1}
 	- cups 1.5.0-8
 	- gimp 2.6.11-5 (bug #643753)
 	TODO: There's more: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-2896
@@ -13035,6 +13039,7 @@
 	{DSA-2251-1}
 	- subversion 1.6.17dfsg-1
 CVE-2011-1782 (Heap-based buffer overflow in the read_channel_data function in ...)
+	{DSA-2426-1}
 	- gimp 2.6.11-3 (bug #629830)
 CVE-2011-1781 (SystemTap 1.4, when unprivileged (aka stapusr) mode is enabled, allows ...)
 	- systemtap 1.6-1 (bug #628819)
@@ -17635,12 +17640,16 @@
 CVE-2010-4620
 	RESERVED
 CVE-2010-4543 (Heap-based buffer overflow in the read_channel_data function in ...)
+	{DSA-2426-1}
 	- gimp 2.6.11-2 (low; bug #608497)
 CVE-2010-4542 (Stack-based buffer overflow in the gfig_read_parameter_gimp_rgb ...)
+	{DSA-2426-1}
 	- gimp 2.6.11-2 (low; bug #608497)
 CVE-2010-4541 (Stack-based buffer overflow in the loadit function in ...)
+	{DSA-2426-1}
 	- gimp 2.6.11-2 (low; bug #608497)
 CVE-2010-4540 (Stack-based buffer overflow in the load_preset_response function in ...)
+	{DSA-2426-1}
 	- gimp 2.6.11-2 (low; bug #608497)
 CVE-2010-4619 (SQL injection vulnerability in profil.php in Mafya Oyun Scrpti (aka ...)
 	NOT-FOR-US: Mafya Oyun Scrpti

More information about the Secure-testing-commits mailing list