[Secure-testing-commits] r20450 - data/CVE
Luciano Bello
luciano at alioth.debian.org
Tue Nov 6 09:46:11 UTC 2012
Author: luciano
Date: 2012-11-06 09:46:11 +0000 (Tue, 06 Nov 2012)
New Revision: 20450
Modified:
data/CVE/list
Log:
yui and gegl issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-11-06 06:56:21 UTC (rev 20449)
+++ data/CVE/list 2012-11-06 09:46:11 UTC (rev 20450)
@@ -749,8 +749,11 @@
RESERVED
CVE-2012-5476
RESERVED
-CVE-2012-5475
+CVE-2012-5475 [YUI 2.x security issue regarding embedded SWF files]
RESERVED
+ - yui <unfixed> (bug #692434)
+ TODO: check
+ NOTE: http://www.yuiblog.com/blog/2012/10/30/security-announcement-swf-vulnerability-in-yui-2/
CVE-2012-5474
RESERVED
CVE-2012-5473
@@ -3569,8 +3572,11 @@
[squeeze] - fwknop <not-affected> (Vulnerable code not present)
NOTE: http://seclists.org/oss-sec/2012/q3/509
NOTE: http://www.cipherdyne.org/cgi-bin/gitweb.cgi?p=fwknop.git;a=commitdiff;h=d46ba1c027a11e45821ba897a4928819bccc8f22
-CVE-2012-4433
+CVE-2012-4433 [gegl: Integer overflow, leading to heap-based buffer overflow by parsing PPM image headers]
RESERVED
+ - gegl <unfixed> (bug #692435)
+ TODO: check
+ NOTE: http://seclists.org/oss-sec/2012/q4/215
CVE-2012-4432 (Use-after-free vulnerability in opngreduc.c in OptiPNG Hg and 0.7.x ...)
- optipng <not-affected> (Introduced in 0.7, bug #687998)
CVE-2012-4431
More information about the Secure-testing-commits
mailing list