[Secure-testing-commits] r19243 - in data: . CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Sun May 13 23:59:15 UTC 2012 

Author: jmm
Date: 2012-05-13 23:59:15 +0000 (Sun, 13 May 2012)
New Revision: 19243

Modified:
   data/CVE/list
   data/spu-candidates.txt
Log:
empathy no-dsa
NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-05-13 23:34:10 UTC (rev 19242)
+++ data/CVE/list	2012-05-13 23:59:15 UTC (rev 19243)
@@ -1,5 +1,5 @@
 CVE-2012-1675 (The TNS Listener, as used in Oracle Database 11g 11.1.0.7, 11.2.0.2, ...)
-	TODO: check
+	NOT-FOR-US: Oracle Database
 CVE-2012-2623
 	RESERVED
 CVE-2012-2622
@@ -4545,11 +4545,11 @@
 	{DSA-2408-1}
 	- php5 5.3.9-1 (low)
 CVE-2012-0780 (Adobe Illustrator before CS6 allows attackers to execute arbitrary ...)
-	TODO: check
+	NOT-FOR-US: Adobe Illustrator
 CVE-2012-0779 (Adobe Flash Player before 10.3.183.19 and 11.x before 11.2.202.235 on ...)
 	NOT-FOR-US: Adobe Flash Player
 CVE-2012-0778 (Buffer overflow in Adobe Flash Professional before CS6 allows ...)
-	TODO: check
+	NOT-FOR-US: Adobe Flash
 CVE-2012-0777 (The JavaScript API in Adobe Reader and Acrobat 9.x before 9.5.1 and ...)
 	NOT-FOR-US: Adobe Reader
 CVE-2012-0776 (The installer in Adobe Reader 9.x before 9.5.1 and 10.x before 10.1.3 ...)
@@ -4765,9 +4765,9 @@
 CVE-2012-0686
 	RESERVED
 CVE-2012-0685 (Integer overflow in XnViewer (aka XnView) before 1.98.5 allows remote ...)
-	TODO: check
+	NOT-FOR-US: XnView
 CVE-2012-0684 (Integer overflow in XnViewer (aka XnView) before 1.98.5 allows remote ...)
-	TODO: check
+	NOT-FOR-US: XnView
 CVE-2012-0683
 	RESERVED
 CVE-2012-0682
@@ -4785,7 +4785,7 @@
 CVE-2012-0676 (WebKit in Apple Safari before 5.1.7 does not properly track state ...)
 	TODO: check
 CVE-2012-0675 (Time Machine in Apple Mac OS X before 10.7.4 does not require ...)
-	TODO: check
+	NOT-FOR-US: Time Machine
 CVE-2012-0674 (Safari in Apple iOS before 5.1.1 allows remote attackers to spoof the ...)
 	TODO: check
 CVE-2012-0673
@@ -10793,6 +10793,7 @@
 	NOT-FOR-US: FreeIPA
 CVE-2011-3635 (Cross-site scripting (XSS) vulnerability in the ...)
 	- empathy 3.2.1.1-1
+	[squeeze] - empathy <no-dsa> (Minor issue)
 	[lenny] - empathy <not-affected> (only affects webkit theming, not present in Lenny)
 CVE-2011-3634
 	RESERVED

Modified: data/spu-candidates.txt
===================================================================
--- data/spu-candidates.txt	2012-05-13 23:34:10 UTC (rev 19242)
+++ data/spu-candidates.txt	2012-05-13 23:59:15 UTC (rev 19243)
@@ -93,6 +93,13 @@
 
 --
 
+empathy (CVE-2011-3635)
+http://git.gnome.org/browse/empathy/commit/?id=739aca418457de752be13721218aaebc74bd9d36
+https://bugzilla.gnome.org/show_bug.cgi?id=662035
+
+
+--
+
 eglibc (CVE-2012-0864)
 
 CVE-2011-4609

More information about the Secure-testing-commits mailing list