[Secure-testing-commits] r18742 - data/CVE
Moritz Muehlenhoff
jmm at alioth.debian.org
Fri Mar 23 14:17:07 UTC 2012
Author: jmm
Date: 2012-03-23 14:17:06 +0000 (Fri, 23 Mar 2012)
New Revision: 18742
Modified:
data/CVE/list
Log:
new ffmpeg/libav issues
kernel updates
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-03-23 09:14:36 UTC (rev 18741)
+++ data/CVE/list 2012-03-23 14:17:06 UTC (rev 18742)
@@ -1667,7 +1667,7 @@
TODO: check
CVE-2012-1097
RESERVED
- - linux-2.6 <unfixed> (low)
+ - linux-2.6 3.2.10-1 (low)
CVE-2012-1096
RESERVED
CVE-2012-1095
@@ -2231,6 +2231,8 @@
RESERVED
CVE-2012-0858
RESERVED
+ - libav 4:0.8.1-1
+ - ffmpeg <removed>
CVE-2012-0857
RESERVED
CVE-2012-0856
@@ -2241,6 +2243,8 @@
RESERVED
CVE-2012-0853
RESERVED
+ - libav 4:0.8.1-1
+ - ffmpeg <removed>
CVE-2012-0852
RESERVED
CVE-2012-0851
@@ -2251,6 +2255,8 @@
RESERVED
CVE-2012-0848
RESERVED
+ - libav 4:0.8.1-1
+ - ffmpeg <removed>
CVE-2012-0847
RESERVED
CVE-2012-0846
@@ -5128,8 +5134,6 @@
[wheezy] - linux-2.6 <not-affected> (introduced in 3.2-rc1)
[squeeze] - linux-2.6 <not-affected> (introduced in 3.2-rc1)
[lenny] - linux-2.6 <not-affected> (introduced in 3.2-rc1)
- NOTE: fix is http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=69e4747ee9727d660b88d7e1efe0f4afcb35db1b (queued for 3.3)
- NOTE: actually unfixed in experimental, not marked because of version numbering
CVE-2012-0057 (PHP before 5.3.9 has improper libxslt security settings, which allows ...)
{DSA-2399-1}
- php5 5.3.9-1 (bug #656308)
@@ -7666,8 +7670,12 @@
- webkit <undetermined>
CVE-2011-3952
RESERVED
+ - libav 4:0.8.1-1
+ - ffmpeg <removed>
CVE-2011-3951
RESERVED
+ - libav 4:0.8.1-1
+ - ffmpeg <removed>
CVE-2011-3950
RESERVED
CVE-2011-3949
@@ -7676,10 +7684,14 @@
RESERVED
CVE-2011-3947
RESERVED
+ - libav 4:0.8.1-1
+ - ffmpeg <removed>
CVE-2011-3946
RESERVED
CVE-2011-3945
RESERVED
+ - libav 4:0.8.1-1
+ - ffmpeg <removed>
CVE-2011-3944
RESERVED
CVE-2011-3943
@@ -7690,14 +7702,20 @@
RESERVED
CVE-2011-3940
RESERVED
+ - libav 4:0.8.1-1
+ - ffmpeg <removed>
CVE-2011-3939
RESERVED
CVE-2011-3938
RESERVED
CVE-2011-3937
RESERVED
+ - libav 4:0.8.1-1
+ - ffmpeg <removed>
CVE-2011-3936
RESERVED
+ - libav 4:0.8.1-1
+ - ffmpeg <removed>
CVE-2011-3935
RESERVED
CVE-2011-3934
@@ -7712,6 +7730,8 @@
RESERVED
CVE-2011-3929
RESERVED
+ - libav 4:0.8.1-1
+ - ffmpeg <removed>
CVE-2011-3928 (Use-after-free vulnerability in Google Chrome before 16.0.912.77 ...)
- chromium-browser 16.0.912.77~r118311-1
- webkit <undetermined>
@@ -13710,8 +13730,7 @@
CVE-2011-1833
RESERVED
- ecryptfs-utils 92-1
- - linux-2.6 <unfixed>
- NOTE: kernel commit 764355487ea220fdc2faf128d577d7f679b91f97
+ - linux-2.6 3.1.1-1
NOTE: cannot be fixed in ecryptfs-utils (squeeze, lenny) until kernel fix is in place
CVE-2011-1832
RESERVED
@@ -19417,7 +19436,7 @@
CVE-2010-4564
RESERVED
CVE-2010-4563 (The Linux kernel, when using IPv6, allows remote attackers to ...)
- - linux-2.6 <undetermined>
+ - linux-2.6 <unfixed> (unimportant)
NOTE: http://seclists.org/fulldisclosure/2011/Apr/254
CVE-2010-4562 (Microsoft Windows 2008, 7, Vista, 2003, 2000, and XP, when using IPv6, ...)
NOT-FOR-US: Microsoft Windows
More information about the Secure-testing-commits
mailing list