[Secure-testing-commits] r18688 - in data: . CVE
Moritz Muehlenhoff
jmm at alioth.debian.org
Fri Mar 16 13:51:26 UTC 2012
Author: jmm
Date: 2012-03-16 13:51:25 +0000 (Fri, 16 Mar 2012)
New Revision: 18688
Modified:
data/CVE/list
data/spu-candidates.txt
Log:
new kernel issue
pidgin no-dsa
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-03-16 11:50:58 UTC (rev 18687)
+++ data/CVE/list 2012-03-16 13:51:25 UTC (rev 18688)
@@ -1006,8 +1006,10 @@
NOTE: http://seclists.org/oss-sec/2012/q1/644
CVE-2012-1179
RESERVED
+ - linux-2.6 <unfixed>
CVE-2012-1178 (The msn_oim_report_to_user function in oim.c in the MSN protocol ...)
- - pidgin 2.10.2-1 (bug #664030)
+ - pidgin 2.10.2-1 (low; bug #664030)
+ [squeeze] - pidgin <no-dsa> (Only exploitable by malicious server)
NOTE: http://pidgin.im/news/security/?id=61
CVE-2012-1177 [libgdata did not verify SSL]
RESERVED
Modified: data/spu-candidates.txt
===================================================================
--- data/spu-candidates.txt 2012-03-16 11:50:58 UTC (rev 18687)
+++ data/spu-candidates.txt 2012-03-16 13:51:25 UTC (rev 18688)
@@ -223,6 +223,11 @@
--
+pidgin (CVE-2012-1178)
+#664030
+
+--
+
prosody (CVE-2011-2205)
#579087
Also requires additional fix in lua-expat
More information about the Secure-testing-commits
mailing list