[Secure-testing-commits] r18651 - in data: . CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Mon Mar 12 14:48:33 UTC 2012 

Author: jmm
Date: 2012-03-12 14:48:33 +0000 (Mon, 12 Mar 2012)
New Revision: 18651

Modified:
   data/CVE/list
   data/spu-candidates.txt
Log:
expat bugnum
kernel issue fixed


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-03-12 14:07:35 UTC (rev 18650)
+++ data/CVE/list	2012-03-12 14:48:33 UTC (rev 18651)
@@ -829,11 +829,11 @@
 	RESERVED
 CVE-2012-1148
 	RESERVED
-	- expat <unfixed>
+	- expat <unfixed> (bug #663579)
 	NOTE: memory leak
 CVE-2012-1147
 	RESERVED
-	- expat <unfixed>
+	- expat <unfixed> (bug #663579)
 	NOTE: resource leak
 CVE-2012-1146
 	RESERVED
@@ -1512,7 +1512,7 @@
 	RESERVED
 CVE-2012-0876
 	RESERVED
-	- expat <unfixed>
+	- expat <unfixed> (bug #663579)
 	NOTE: the same hash DoS attack as other languages/bindings
 CVE-2012-0875 [systemtap invalid read leading to kernel DoS]
 	RESERVED
@@ -11998,7 +11998,8 @@
 	{DSA-2271-1}
 	- curl 7.21.6-2 (high; bug #631615)
 CVE-2011-2191 (Cross-site request forgery (CSRF) vulnerability in Cherokee-admin in ...)
-	- cherokee <unfixed> (bug #661993)
+	- cherokee <unfixed> (low; bug #661993)
+	[squeeze] - cherokee <no-dsa> (Minor issue)
 CVE-2011-2189 (net/core/net_namespace.c in the Linux kernel 2.6.32 and earlier does ...)
 	- linux-2.6 2.6.35-1 (low)
 	[lenny] - linux-2.6 <no-dsa> (attacker needs elevated CAP_SYS_ADMIN privileges to abuse this)
@@ -13775,7 +13776,7 @@
 	{DSA-2226-1}
 	- libmodplug 1:0.8.8.2-1 (low; bug #622091)
 CVE-2011-1573 (net/sctp/sm_make_chunk.c in the Linux kernel before 2.6.34, when ...)
-	- linux-2.6 <undetermined>
+	- linux-2.6 2.6.34-1
 	NOTE: http://xorl.wordpress.com/2011/05/08/cve-2011-1573-linux-kernel-sctp-initinit-ack-length-miscalculation/
 	NOTE: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=a8170c35e738d62e9919ce5b109cf4ed66e9
 CVE-2011-1572 (Directory traversal vulnerability in the Admin Defined Commands (ADC) ...)

Modified: data/spu-candidates.txt
===================================================================
--- data/spu-candidates.txt	2012-03-12 14:07:35 UTC (rev 18650)
+++ data/spu-candidates.txt	2012-03-12 14:48:33 UTC (rev 18651)
@@ -41,6 +41,11 @@
 
 --
 
+cherokee (CVE-2011-2191)
+#661993
+
+--
+
 emacs23 (CVE-2012-0035)
 #655300

More information about the Secure-testing-commits mailing list