[Secure-testing-commits] r18691 - data/CVE

[Joey Hess]

Author: joeyh
Date: 2012-03-16 21:14:35 +0000 (Fri, 16 Mar 2012)
New Revision: 18691

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-03-16 15:34:16 UTC (rev 18690)
+++ data/CVE/list	2012-03-16 21:14:35 UTC (rev 18691)
@@ -1,3 +1,7 @@
+CVE-2012-1667
+	RESERVED
+CVE-2012-1666
+	RESERVED
 CVE-2012-XXXX [http://downloads.asterisk.org/pub/security/AST-2012-003.html]
 	- asterisk <unfixed>
 	[squeeze] - asterisk <not-affected> (Vulnerable code not present)
@@ -369,16 +373,16 @@
 	RESERVED
 CVE-2012-1486
 	RESERVED
-CVE-2012-1485
-	RESERVED
-CVE-2012-1484
-	RESERVED
-CVE-2012-1483
-	RESERVED
-CVE-2012-1482
-	RESERVED
-CVE-2012-1481
-	RESERVED
+CVE-2012-1485 (Unspecified vulnerability in the NetFront Life Browser ...)
+	TODO: check
+CVE-2012-1484 (Unspecified vulnerability in the WaliSMS CN (cn.com.wali.walisms) ...)
+	TODO: check
+CVE-2012-1483 (Unspecified vulnerability in the Message Forwarder ...)
+	TODO: check
+CVE-2012-1482 (Unspecified vulnerability in the TouchPal Contacts ...)
+	TODO: check
+CVE-2012-1481 (Unspecified vulnerability in the Textdroid (com.app.android.textdroid) ...)
+	TODO: check
 CVE-2012-1480 (Unspecified vulnerability in the Pansi SMS (com.pansi.msg) application ...)
 	NOT-FOR-US: Pansi SMS
 CVE-2012-1479 (Unspecified vulnerability in the AContact (com.movester.quickcontact) ...)
@@ -1003,6 +1007,7 @@
 	- libapache2-mod-fcgid 1:2.3.6-1 (bug #615814)
 CVE-2012-1180 [nginx fix for malformed HTTP responses from upstream servers]
 	RESERVED
+	{DSA-2434-1}
 	- nginx <unfixed> (bug #664137)
 	NOTE: http://seclists.org/oss-sec/2012/q1/644
 CVE-2012-1179
@@ -1046,8 +1051,7 @@
 	- ldm  2:2.2.7-1 (bug #663645)
 	[squeeze] - ldm <not-affected> (Introduced in 2.2)
 	NOTE: https://bugs.launchpad.net/ubuntu/+source/ldm/+bug/953340
-CVE-2012-1165 [openssl: possible NULL dereference on bad MIME headers]
-	RESERVED
+CVE-2012-1165 (The mime_param_cmp function in crypto/asn1/asn_mime.c in OpenSSL ...)
 	- openssl 1.0.0h-1 (low; bug #663642)
 	NOTE: http://www.openwall.com/lists/oss-security/2012/03/12/3
 CVE-2012-1164 [openldap (slapd): Assertion failure by processing search quer...]
@@ -3825,14 +3829,14 @@
 	NOT-FOR-US: Advantech/BroadWin WebAccess
 CVE-2012-0233 (Cross-site scripting (XSS) vulnerability in Advantech/BroadWin ...)
 	NOT-FOR-US: Advantech/BroadWin WebAccess
-CVE-2012-0232
-	RESERVED
-CVE-2012-0231
-	RESERVED
-CVE-2012-0230
-	RESERVED
-CVE-2012-0229
-	RESERVED
+CVE-2012-0232 (Directory traversal vulnerability in rifsrvd.exe in the Remote ...)
+	TODO: check
+CVE-2012-0231 (PRLicenseMgr.exe in the Proficy Server License Manager in GE ...)
+	TODO: check
+CVE-2012-0230 (PRRDS.exe in the Proficy Remote Data Service in GE Intelligent ...)
+	TODO: check
+CVE-2012-0229 (The Data Archiver service in GE Intelligent Platforms Proficy ...)
+	TODO: check
 CVE-2012-0228
 	RESERVED
 CVE-2012-0227