[Secure-testing-commits] r18648 - data/CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Mon Mar 12 13:44:58 UTC 2012


Author: jmm
Date: 2012-03-12 13:44:58 +0000 (Mon, 12 Mar 2012)
New Revision: 18648

Modified:
   data/CVE/list
Log:
fixup expat entries, these are genuine security issues


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-03-12 13:36:28 UTC (rev 18647)
+++ data/CVE/list	2012-03-12 13:44:58 UTC (rev 18648)
@@ -827,15 +827,13 @@
 	NOTE: the same hash DoS attack as other languages/bindings
 CVE-2012-1149
 	RESERVED
-	- expat <unfixed> (unimportant)
-	NOTE: the same hash DoS attack as other languages/bindings
 CVE-2012-1148
 	RESERVED
-	- expat <unfixed> (unimportant)
+	- expat <unfixed>
 	NOTE: memory leak
 CVE-2012-1147
 	RESERVED
-	- expat <unfixed> (unimportant)
+	- expat <unfixed>
 	NOTE: resource leak
 CVE-2012-1146
 	RESERVED
@@ -1514,6 +1512,8 @@
 	RESERVED
 CVE-2012-0876
 	RESERVED
+	- expat <unfixed>
+	NOTE: the same hash DoS attack as other languages/bindings
 CVE-2012-0875 [systemtap invalid read leading to kernel DoS]
 	RESERVED
 	- systemtap <unfixed> (low; bug #660929; bug #660886)




More information about the Secure-testing-commits mailing list