[Secure-testing-commits] r18609 - data/CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Wed Mar 7 13:37:36 UTC 2012


Author: jmm
Date: 2012-03-07 13:37:35 +0000 (Wed, 07 Mar 2012)
New Revision: 18609

Modified:
   data/CVE/list
Log:
- phpcas is in the archive; it's embedded in glpi and moodle
- kernel regression doesn't affect us


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-03-07 13:17:23 UTC (rev 18608)
+++ data/CVE/list	2012-03-07 13:37:35 UTC (rev 18609)
@@ -851,9 +851,12 @@
 	NOT-FOR-US: abrt is Red Hat / Fedora specific
 CVE-2012-1105
 	RESERVED
+	- moodle <unfixed> (bug #662945)
+	- glpi <unfixed> (bug #662944)
 CVE-2012-1104
 	RESERVED
-	NOT-FOR-US: phpCAS library from Jasig project, not in Debian
+	- moodle <unfixed> (bug #662945)
+	- glpi <unfixed> (bug #662944)
 CVE-2012-1103
 	RESERVED
 	{DSA-2416-1}
@@ -5355,9 +5358,8 @@
 	- colord 0.1.15-1 (medium; bug #650021)
 CVE-2011-4348
 	RESERVED
-	- linux-2.6 <unfixed>
+	- linux-2.6 <not-affected> (Incomplete fix for RHEL5-specific backport regression)
 	NOTE: incomplete fix for CVE-2011-2482
-	NOTE: CVE-2011-2482 was RHEL-specific so I guess it's the same here
 CVE-2011-4347
 	RESERVED
 	- linux-2.6 <unfixed>




More information about the Secure-testing-commits mailing list