[Secure-testing-commits] r19379 - data/CVE

Wed May 30 21:14:55 UTC 2012

Author: joeyh
Date: 2012-05-30 21:14:54 +0000 (Wed, 30 May 2012)
New Revision: 19379

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2012-05-30 18:54:38 UTC (rev 19378)
+++ data/CVE/list	2012-05-30 21:14:54 UTC (rev 19379)
@@ -1,4 +1,29 @@
+CVE-2012-2952 (SQL injection vulnerability in add_ons.php in Jaow 2.4.5 and earlier ...)
+	TODO: check
+CVE-2012-2951 (SQL injection vulnerability in plog-rss.php in Plogger allows remote ...)
+	TODO: check
+CVE-2012-2950
+	RESERVED
+CVE-2012-2949 (The ZTE sync_agent program for Android 2.3.4 on the Score M device ...)
+	TODO: check
+CVE-2012-2948
+	RESERVED
+CVE-2012-2947
+	RESERVED
+CVE-2012-2946
+	RESERVED
+CVE-2012-2945
+	RESERVED
+CVE-2010-5140
+	RESERVED
+CVE-2010-5139
+	RESERVED
+CVE-2010-5138
+	RESERVED
+CVE-2010-5137
+	RESERVED
 CVE-2012-2944 [upsd remote crash]
+	RESERVED
 	- nut <unfixed>
 	NOTE: https://alioth.debian.org/tracker/index.php?func=detail&aid=313636&group_id=30602&atid=411542
 CVE-2012-2943 (CRLF injection vulnerability in cryptographp.inc.php in Cryptographp ...)
@@ -2356,16 +2381,13 @@
 	RESERVED
 	- puppet 2.7.13-1
 	[squeeze] - puppet <not-affected> (Only affects 2.7.x)
-CVE-2012-1988
-	RESERVED
+CVE-2012-1988 (Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet ...)
 	{DSA-2451-1}
 	- puppet 2.7.13-1
-CVE-2012-1987
-	RESERVED
+CVE-2012-1987 (Unspecified vulnerability in Puppet 2.6.x before 2.6.15 and 2.7.x ...)
 	{DSA-2451-1}
 	- puppet 2.7.13-1
-CVE-2012-1986
-	RESERVED
+CVE-2012-1986 (Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet ...)
 	{DSA-2451-1}
 	- puppet 2.7.13-1
 CVE-2011-5085 (Unspecified vulnerability in Movable Type 4.x before 4.36 and 5.x ...)
@@ -2538,8 +2560,7 @@
 	RESERVED
 CVE-2012-1907 (The scanner engine in PrivaWall Antivirus 5.6 and earlier does not ...)
 	NOT-FOR-US: PrivaWall Antivirus
-CVE-2012-1906
-	RESERVED
+CVE-2012-1906 (Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet ...)
 	{DSA-2451-1}
 	- puppet 2.7.13-1
 CVE-2012-1905
@@ -4556,12 +4577,10 @@
 	NOT-FOR-US: Forward module for Drupal
 CVE-2012-1055 (Heap-based buffer overflow in PhotoLine 17.01 and possibly other ...)
 	NOT-FOR-US: PhotoLine
-CVE-2012-1054
-	RESERVED
+CVE-2012-1054 (Puppet 2.6.x before 2.6.14 and 2.7.x before 2.7.11, and Puppet ...)
 	{DSA-2419-1}
 	- puppet 2.7.11-1
-CVE-2012-1053
-	RESERVED
+CVE-2012-1053 (The change_user method in the SUIDManager ...)
 	{DSA-2419-1}
 	- puppet 2.7.11-1
 CVE-2012-1052 (Buffer overflow in IvanView 1.2.15 allows remote attackers to execute ...)
@@ -5208,8 +5227,7 @@
 	RESERVED
 	{DSA-2449-1}
 	- sqlalchemy 0.6.7-1
-CVE-2012-0804
-	RESERVED
+CVE-2012-0804 (Heap-based buffer overflow in the proxy_connect function in ...)
 	{DSA-2407-1}
 	- cvs 2:1.12.13+real-7
 CVE-2012-0803
@@ -7378,8 +7396,7 @@
 CVE-2011-4838 (JRuby before 1.6.5.1 computes hash values without restricting the ...)
 	- jruby <unfixed>
 	[squeeze] - jruby <no-dsa> (Non-free not supported)
-CVE-2012-0220
-	RESERVED
+CVE-2012-0220 (Multiple cross-site scripting (XSS) vulnerabilities in the meta plugin ...)
 	{DSA-2474-1}
 	- ikiwiki 3.20120516
 CVE-2012-0219 [socat 'xioscan_readline()' Heap Based Buffer Overflow Vulnerability]
@@ -13249,8 +13266,7 @@
 	- chromium-browser 17.0.963.83~r127885-1
 CVE-2011-3049 (Google Chrome before 17.0.963.83 does not properly restrict the ...)
 	- chromium-browser 17.0.963.83~r127885-1
-CVE-2011-3048
-	RESERVED
+CVE-2011-3048 (The png_set_text_2 function in pngset.c in libpng 1.0.x before 1.0.59, ...)
 	{DSA-2446-1}
 	- libpng 1.2.49-1 (bug #667475)
 CVE-2011-3047 (The GPU process in Google Chrome before 17.0.963.79 allows remote ...)


