[Secure-testing-commits] r19177 - data/CVE

[Moritz Muehlenhoff]

Author: jmm
Date: 2012-05-08 21:10:32 +0000 (Tue, 08 May 2012)
New Revision: 19177

Modified:
   data/CVE/list
Log:
nodejs CVEfied
fix wicd squeeze spu upload version
new qpid-cpp issue


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-05-08 18:41:02 UTC (rev 19176)
+++ data/CVE/list	2012-05-08 21:10:32 UTC (rev 19177)
@@ -2,11 +2,6 @@
     - serendipity <unfixed> (bug #671937; medium)
     NOTE: http://blog.s9y.org/archives/240-Serendipity-1.6.1-released.html
     NOTE: CVE id requested http://seclists.org/oss-sec/2012/q2/276
-CVE-2012-XXXX [node.js <0.6.17/0.7.8 HTTP server information disclosure]
-	- nodejs 0.6.17~dfsg1-1
-	NOTE: http://blog.nodejs.org/2012/05/07/http-server-security-vulnerability-please-upgrade-to-0-6-17/
-	NOTE: https://github.com/joyent/node/commit/c9a231d
-	NOTE: CVE id requested http://seclists.org/oss-sec/2012/q2/274
 CVE-2012-2455
 	RESERVED
 CVE-2012-2454
@@ -364,8 +359,11 @@
 	RESERVED
 CVE-2012-2331
 	RESERVED
-CVE-2012-2330
+CVE-2012-2330 [node.js <0.6.17/0.7.8 HTTP server information disclosure]
 	RESERVED
+	- nodejs 0.6.17~dfsg1-1
+	NOTE: http://blog.nodejs.org/2012/05/07/http-server-security-vulnerability-please-upgrade-to-0-6-17/
+	NOTE: https://github.com/joyent/node/commit/c9a231d
 CVE-2012-2329
 	RESERVED
 CVE-2012-2328
@@ -635,7 +633,7 @@
 CVE-2012-2095 [wicd command execution with root privileges]
 	RESERVED
 	- wicd 1.7.2.4-1 (low; bug #668397)
-	[squeeze] - wicd 1.7.0+ds1-5+squeeze1
+	[squeeze] - wicd 1.7.0+ds1-5+squeeze2
 CVE-2012-2215 (Directory traversal vulnerability in the Preboot Service in Novell ...)
 	NOT-FOR-US: Novell ZENworks Configuration Management
 CVE-2012-2214 [XMPP remote crash]
@@ -10435,7 +10433,7 @@
 	RESERVED
 	NOT-FOR-US: fluxbb
 CVE-2011-3620 (Apache Qpid 0.12 does not properly verify credentials during the ...)
-	TODO: check
+	- qpid-cpp <unfixed> (bug #672124)
 CVE-2011-3619
 	RESERVED
 	- linux-2.6 3.0.0-1